Harmonyos
by Huawei
CVEs (1,067)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-46892 | 0.00 | — | 0.00 | Jul 6, 2023 | Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2022-48511 | 0.00 | — | 0.00 | Jul 6, 2023 | Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions. Successful exploitation of this vulnerability may cause audio features to perform abnormally. | |||
| CVE-2022-48510 | 0.00 | — | 0.00 | Jul 6, 2023 | Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability will cause unauthorized operations. | |||
| CVE-2022-48509 | 0.00 | — | 0.00 | Jul 6, 2023 | Race condition vulnerability due to multi-thread access to mutually exclusive resources in Huawei Share. Successful exploitation of this vulnerability may cause the program to exit abnormally. | |||
| CVE-2022-48507 | 0.00 | — | 0.00 | Jul 6, 2023 | Vulnerability of identity verification being bypassed in the storage module. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2023-34164 | 0.00 | — | 0.00 | Jul 6, 2023 | Vulnerability of incomplete input parameter verification in the communication framework module. Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2023-3456 | 0.00 | — | 0.00 | Jul 6, 2023 | Vulnerability of kernel raw address leakage in the hang detector module. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2023-37245 | 0.00 | — | 0.00 | Jul 6, 2023 | Buffer overflow vulnerability in the modem pinctrl module. Successful exploitation of this vulnerability may affect the integrity and availability of the modem. | |||
| CVE-2023-37242 | 0.00 | — | 0.00 | Jul 6, 2023 | Vulnerability of commands from the modem being intercepted in the atcmdserver module. Attackers may exploit this vulnerability to rewrite the non-volatile random-access memory (NVRAM), or facilitate the exploitation of other vulnerabilities. | |||
| CVE-2023-37241 | 0.00 | — | 0.00 | Jul 6, 2023 | Input verification vulnerability in the WMS API. Successful exploitation of this vulnerability may cause the device to restart. | |||
| CVE-2023-37240 | 0.00 | — | 0.00 | Jul 6, 2023 | Vulnerability of missing input length verification in the distributed file system. Successful exploitation of this vulnerability may cause out-of-bounds read. | |||
| CVE-2023-37239 | 0.00 | — | 0.00 | Jul 6, 2023 | Format string vulnerability in the distributed file system. Attackers who bypass the selinux permission can exploit this vulnerability to crash the program. | |||
| CVE-2023-37238 | 0.00 | — | 0.00 | Jul 6, 2023 | Vulnerability of apps' permission to access a certain API being incompletely verified in the wireless projection module. Successful exploitation of this vulnerability may affect some wireless projection features. | |||
| CVE-2021-46894 | 0.00 | — | 0.00 | Jul 6, 2023 | Use After Free (UAF) vulnerability in the uinput module.Successful exploitation of this vulnerability may lead to kernel privilege escalation. | |||
| CVE-2022-48512 | 0.00 | — | 0.00 | Jul 6, 2023 | Use After Free (UAF) vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image decoding feature to perform abnormally. | |||
| CVE-2022-48508 | 0.00 | — | 0.00 | Jul 6, 2023 | Inappropriate authorization vulnerability in the system apps. Successful exploitation of this vulnerability may affect service integrity. | |||
| CVE-2023-3455 | 0.00 | — | 0.00 | Jul 5, 2023 | Key management vulnerability on system. Successful exploitation of this vulnerability may affect service availability and integrity. | |||
| CVE-2021-46893 | 0.00 | — | 0.00 | Jul 5, 2023 | Vulnerability of unstrict data verification and parameter check. Successful exploitation of this vulnerability may affect integrity. | |||
| CVE-2021-46891 | 0.00 | — | 0.00 | Jul 5, 2023 | Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability. | |||
| CVE-2021-46890 | 0.00 | — | 0.00 | Jul 5, 2023 | Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability. |
- CVE-2021-46892Jul 6, 2023risk 0.00cvss —epss 0.00
Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2022-48511Jul 6, 2023risk 0.00cvss —epss 0.00
Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions. Successful exploitation of this vulnerability may cause audio features to perform abnormally.
- CVE-2022-48510Jul 6, 2023risk 0.00cvss —epss 0.00
Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability will cause unauthorized operations.
- CVE-2022-48509Jul 6, 2023risk 0.00cvss —epss 0.00
Race condition vulnerability due to multi-thread access to mutually exclusive resources in Huawei Share. Successful exploitation of this vulnerability may cause the program to exit abnormally.
- CVE-2022-48507Jul 6, 2023risk 0.00cvss —epss 0.00
Vulnerability of identity verification being bypassed in the storage module. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2023-34164Jul 6, 2023risk 0.00cvss —epss 0.00
Vulnerability of incomplete input parameter verification in the communication framework module. Successful exploitation of this vulnerability may affect availability.
- CVE-2023-3456Jul 6, 2023risk 0.00cvss —epss 0.00
Vulnerability of kernel raw address leakage in the hang detector module. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2023-37245Jul 6, 2023risk 0.00cvss —epss 0.00
Buffer overflow vulnerability in the modem pinctrl module. Successful exploitation of this vulnerability may affect the integrity and availability of the modem.
- CVE-2023-37242Jul 6, 2023risk 0.00cvss —epss 0.00
Vulnerability of commands from the modem being intercepted in the atcmdserver module. Attackers may exploit this vulnerability to rewrite the non-volatile random-access memory (NVRAM), or facilitate the exploitation of other vulnerabilities.
- CVE-2023-37241Jul 6, 2023risk 0.00cvss —epss 0.00
Input verification vulnerability in the WMS API. Successful exploitation of this vulnerability may cause the device to restart.
- CVE-2023-37240Jul 6, 2023risk 0.00cvss —epss 0.00
Vulnerability of missing input length verification in the distributed file system. Successful exploitation of this vulnerability may cause out-of-bounds read.
- CVE-2023-37239Jul 6, 2023risk 0.00cvss —epss 0.00
Format string vulnerability in the distributed file system. Attackers who bypass the selinux permission can exploit this vulnerability to crash the program.
- CVE-2023-37238Jul 6, 2023risk 0.00cvss —epss 0.00
Vulnerability of apps' permission to access a certain API being incompletely verified in the wireless projection module. Successful exploitation of this vulnerability may affect some wireless projection features.
- CVE-2021-46894Jul 6, 2023risk 0.00cvss —epss 0.00
Use After Free (UAF) vulnerability in the uinput module.Successful exploitation of this vulnerability may lead to kernel privilege escalation.
- CVE-2022-48512Jul 6, 2023risk 0.00cvss —epss 0.00
Use After Free (UAF) vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image decoding feature to perform abnormally.
- CVE-2022-48508Jul 6, 2023risk 0.00cvss —epss 0.00
Inappropriate authorization vulnerability in the system apps. Successful exploitation of this vulnerability may affect service integrity.
- CVE-2023-3455Jul 5, 2023risk 0.00cvss —epss 0.00
Key management vulnerability on system. Successful exploitation of this vulnerability may affect service availability and integrity.
- CVE-2021-46893Jul 5, 2023risk 0.00cvss —epss 0.00
Vulnerability of unstrict data verification and parameter check. Successful exploitation of this vulnerability may affect integrity.
- CVE-2021-46891Jul 5, 2023risk 0.00cvss —epss 0.00
Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.
- CVE-2021-46890Jul 5, 2023risk 0.00cvss —epss 0.00
Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.
Page 31 of 54