Harmonyos
by Huawei
CVEs (1,067)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-46883 | 0.00 | — | 0.00 | May 26, 2023 | The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2023-31225 | 0.00 | — | 0.00 | May 26, 2023 | The Gallery app has the risk of hijacking attacks. Successful exploitation of this vulnerability may cause download failures and affect product availability. | |||
| CVE-2023-31226 | 0.00 | — | 0.00 | May 26, 2023 | The SDK for the MediaPlaybackController module has improper permission verification. Successful exploitation of this vulnerability may affect confidentiality. | |||
| CVE-2021-46884 | 0.00 | — | 0.00 | May 26, 2023 | The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2023-0116 | 0.00 | — | 0.00 | May 26, 2023 | The reminder module lacks an authentication mechanism for broadcasts received. Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2021-46881 | 0.00 | — | 0.00 | May 26, 2023 | The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2021-46886 | 0.00 | — | 0.00 | May 26, 2023 | The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2022-48479 | 0.00 | — | 0.00 | May 26, 2023 | The facial recognition TA of some products has the out-of-bounds memory read vulnerability. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service. | |||
| CVE-2022-48478 | 0.00 | — | 0.00 | May 26, 2023 | The facial recognition TA of some products lacks memory length verification. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service. | |||
| CVE-2023-31227 | 0.00 | — | 0.00 | May 26, 2023 | The hwPartsDFR module has a vulnerability in API calling verification. Successful exploitation of this vulnerability may affect device confidentiality. | |||
| CVE-2021-46882 | 0.00 | — | 0.00 | May 26, 2023 | The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2023-1696 | 0.00 | — | 0.00 | May 20, 2023 | The multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2023-1694 | 0.00 | — | 0.00 | May 20, 2023 | The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality. | |||
| CVE-2023-1693 | 0.00 | — | 0.00 | May 20, 2023 | The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality. | |||
| CVE-2023-1692 | 0.00 | — | 0.00 | May 20, 2023 | The window management module lacks permission verification.Successful exploitation of this vulnerability may affect confidentiality. | |||
| CVE-2022-48314 | 0.00 | — | 0.00 | Apr 16, 2023 | The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality. | |||
| CVE-2022-48313 | 0.00 | — | 0.00 | Apr 16, 2023 | The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality. | |||
| CVE-2022-48312 | 0.00 | — | 0.00 | Apr 16, 2023 | The HwPCAssistant module has the out-of-bounds read/write vulnerability. Successful exploitation of this vulnerability may affect confidentiality and integrity. | |||
| CVE-2022-48348 | 0.00 | — | 0.00 | Mar 27, 2023 | The MediaProvider module has a vulnerability of unauthorized data read. Successful exploitation of this vulnerability may affect confidentiality and integrity. | |||
| CVE-2022-48361 | 0.00 | — | 0.00 | Mar 27, 2023 | The Always On Display (AOD) has a path traversal vulnerability in theme files. Successful exploitation of this vulnerability may cause a failure in reading AOD theme resources. |
- CVE-2021-46883May 26, 2023risk 0.00cvss —epss 0.00
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.
- CVE-2023-31225May 26, 2023risk 0.00cvss —epss 0.00
The Gallery app has the risk of hijacking attacks. Successful exploitation of this vulnerability may cause download failures and affect product availability.
- CVE-2023-31226May 26, 2023risk 0.00cvss —epss 0.00
The SDK for the MediaPlaybackController module has improper permission verification. Successful exploitation of this vulnerability may affect confidentiality.
- CVE-2021-46884May 26, 2023risk 0.00cvss —epss 0.00
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.
- CVE-2023-0116May 26, 2023risk 0.00cvss —epss 0.00
The reminder module lacks an authentication mechanism for broadcasts received. Successful exploitation of this vulnerability may affect availability.
- CVE-2021-46881May 26, 2023risk 0.00cvss —epss 0.00
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.
- CVE-2021-46886May 26, 2023risk 0.00cvss —epss 0.00
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.
- CVE-2022-48479May 26, 2023risk 0.00cvss —epss 0.00
The facial recognition TA of some products has the out-of-bounds memory read vulnerability. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service.
- CVE-2022-48478May 26, 2023risk 0.00cvss —epss 0.00
The facial recognition TA of some products lacks memory length verification. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service.
- CVE-2023-31227May 26, 2023risk 0.00cvss —epss 0.00
The hwPartsDFR module has a vulnerability in API calling verification. Successful exploitation of this vulnerability may affect device confidentiality.
- CVE-2021-46882May 26, 2023risk 0.00cvss —epss 0.00
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.
- CVE-2023-1696May 20, 2023risk 0.00cvss —epss 0.00
The multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect availability.
- CVE-2023-1694May 20, 2023risk 0.00cvss —epss 0.00
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality.
- CVE-2023-1693May 20, 2023risk 0.00cvss —epss 0.00
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality.
- CVE-2023-1692May 20, 2023risk 0.00cvss —epss 0.00
The window management module lacks permission verification.Successful exploitation of this vulnerability may affect confidentiality.
- CVE-2022-48314Apr 16, 2023risk 0.00cvss —epss 0.00
The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality.
- CVE-2022-48313Apr 16, 2023risk 0.00cvss —epss 0.00
The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality.
- CVE-2022-48312Apr 16, 2023risk 0.00cvss —epss 0.00
The HwPCAssistant module has the out-of-bounds read/write vulnerability. Successful exploitation of this vulnerability may affect confidentiality and integrity.
- CVE-2022-48348Mar 27, 2023risk 0.00cvss —epss 0.00
The MediaProvider module has a vulnerability of unauthorized data read. Successful exploitation of this vulnerability may affect confidentiality and integrity.
- CVE-2022-48361Mar 27, 2023risk 0.00cvss —epss 0.00
The Always On Display (AOD) has a path traversal vulnerability in theme files. Successful exploitation of this vulnerability may cause a failure in reading AOD theme resources.
Page 33 of 54