Harmonyos
by Huawei
CVEs (1,067)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-46868 | 0.00 | — | 0.00 | Jan 6, 2023 | The HW_KEYMASTER module has a problem in releasing memory.Successful exploitation of this vulnerability may result in out-of-bounds memory access. | |||
| CVE-2022-46311 | 0.00 | — | 0.00 | Dec 20, 2022 | The contacts component has a free (undefined) provider vulnerability. Successful exploitation of this vulnerability may affect data integrity. | |||
| CVE-2022-46326 | 0.00 | — | 0.00 | Dec 20, 2022 | Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions. | |||
| CVE-2022-46317 | 0.00 | — | 0.00 | Dec 20, 2022 | The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability. | |||
| CVE-2022-46328 | 0.00 | — | 0.00 | Dec 20, 2022 | Some smartphones have the input validation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-46325 | 0.00 | — | 0.00 | Dec 20, 2022 | Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service exceptions. | |||
| CVE-2022-46313 | 0.00 | — | 0.00 | Dec 20, 2022 | The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone's camera and microphone. | |||
| CVE-2022-46327 | 0.00 | — | 0.00 | Dec 20, 2022 | Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause privilege escalation, which results in system service exceptions. | |||
| CVE-2022-46316 | 0.00 | — | 0.00 | Dec 20, 2022 | A thread security vulnerability exists in the authentication process. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability. | |||
| CVE-2022-46319 | 0.00 | — | 0.00 | Dec 20, 2022 | Fingerprint calibration has a vulnerability of lacking boundary judgment. Successful exploitation of this vulnerability may cause out-of-bounds write. | |||
| CVE-2022-46322 | 0.00 | — | 0.00 | Dec 20, 2022 | Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions. | |||
| CVE-2022-41591 | 0.00 | — | 0.01 | Dec 20, 2022 | The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability causes unauthorized access to other system files. | |||
| CVE-2022-46312 | 0.00 | — | 0.00 | Dec 20, 2022 | The application management module has a vulnerability in permission verification. Successful exploitation of this vulnerability causes unexpected clear of device applications. | |||
| CVE-2022-46310 | 0.00 | — | 0.00 | Dec 20, 2022 | The TelephonyProvider module has a vulnerability in obtaining values.Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-41599 | 0.00 | — | 0.00 | Dec 20, 2022 | The system service has a vulnerability that causes incorrect return values. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-41590 | 0.00 | — | 0.00 | Dec 20, 2022 | Some smartphones have authentication-related (including session management) vulnerabilities as the setup wizard is bypassed. Successful exploitation of this vulnerability affects the smartphone availability. | |||
| CVE-2022-46324 | 0.00 | — | 0.00 | Dec 20, 2022 | Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions. | |||
| CVE-2022-46318 | 0.00 | — | 0.00 | Dec 20, 2022 | The HAware module has a function logic error. Successful exploitation of this vulnerability will affect the account removal function in Settings. | |||
| CVE-2022-46315 | 0.00 | — | 0.01 | Dec 20, 2022 | The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability. | |||
| CVE-2022-46323 | 0.00 | — | 0.00 | Dec 20, 2022 | Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service exceptions. |
- CVE-2021-46868Jan 6, 2023risk 0.00cvss —epss 0.00
The HW_KEYMASTER module has a problem in releasing memory.Successful exploitation of this vulnerability may result in out-of-bounds memory access.
- CVE-2022-46311Dec 20, 2022risk 0.00cvss —epss 0.00
The contacts component has a free (undefined) provider vulnerability. Successful exploitation of this vulnerability may affect data integrity.
- CVE-2022-46326Dec 20, 2022risk 0.00cvss —epss 0.00
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.
- CVE-2022-46317Dec 20, 2022risk 0.00cvss —epss 0.00
The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.
- CVE-2022-46328Dec 20, 2022risk 0.00cvss —epss 0.00
Some smartphones have the input validation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-46325Dec 20, 2022risk 0.00cvss —epss 0.00
Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service exceptions.
- CVE-2022-46313Dec 20, 2022risk 0.00cvss —epss 0.00
The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone's camera and microphone.
- CVE-2022-46327Dec 20, 2022risk 0.00cvss —epss 0.00
Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause privilege escalation, which results in system service exceptions.
- CVE-2022-46316Dec 20, 2022risk 0.00cvss —epss 0.00
A thread security vulnerability exists in the authentication process. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability.
- CVE-2022-46319Dec 20, 2022risk 0.00cvss —epss 0.00
Fingerprint calibration has a vulnerability of lacking boundary judgment. Successful exploitation of this vulnerability may cause out-of-bounds write.
- CVE-2022-46322Dec 20, 2022risk 0.00cvss —epss 0.00
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.
- CVE-2022-41591Dec 20, 2022risk 0.00cvss —epss 0.01
The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability causes unauthorized access to other system files.
- CVE-2022-46312Dec 20, 2022risk 0.00cvss —epss 0.00
The application management module has a vulnerability in permission verification. Successful exploitation of this vulnerability causes unexpected clear of device applications.
- CVE-2022-46310Dec 20, 2022risk 0.00cvss —epss 0.00
The TelephonyProvider module has a vulnerability in obtaining values.Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-41599Dec 20, 2022risk 0.00cvss —epss 0.00
The system service has a vulnerability that causes incorrect return values. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-41590Dec 20, 2022risk 0.00cvss —epss 0.00
Some smartphones have authentication-related (including session management) vulnerabilities as the setup wizard is bypassed. Successful exploitation of this vulnerability affects the smartphone availability.
- CVE-2022-46324Dec 20, 2022risk 0.00cvss —epss 0.00
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.
- CVE-2022-46318Dec 20, 2022risk 0.00cvss —epss 0.00
The HAware module has a function logic error. Successful exploitation of this vulnerability will affect the account removal function in Settings.
- CVE-2022-46315Dec 20, 2022risk 0.00cvss —epss 0.01
The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.
- CVE-2022-46323Dec 20, 2022risk 0.00cvss —epss 0.00
Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service exceptions.
Page 36 of 54