Harmonyos
by Huawei
CVEs (1,067)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-38998 | 0.00 | — | 0.00 | Oct 14, 2022 | The HISP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality. | |||
| CVE-2022-41580 | 0.00 | — | 0.01 | Oct 14, 2022 | The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access. | |||
| CVE-2022-41588 | 0.00 | — | 0.00 | Oct 14, 2022 | The home screen module has a vulnerability in service logic processing.Successful exploitation of this vulnerability may affect data integrity. | |||
| CVE-2022-41602 | 0.00 | — | 0.00 | Oct 14, 2022 | The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. | |||
| CVE-2022-38984 | 0.00 | — | 0.00 | Oct 14, 2022 | The HIPP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality. | |||
| CVE-2022-41585 | 0.00 | — | 0.00 | Oct 14, 2022 | The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting. | |||
| CVE-2022-41582 | 0.00 | — | 0.00 | Oct 14, 2022 | The security module has configuration defects.Successful exploitation of this vulnerability may affect system availability. | |||
| CVE-2022-41577 | 0.00 | — | 0.00 | Oct 14, 2022 | The kernel server has a vulnerability of not verifying the length of the data transferred in the user space.Successful exploitation of this vulnerability may cause out-of-bounds read in the kernel, which affects the device confidentiality and availability. | |||
| CVE-2022-41597 | 0.00 | — | 0.00 | Oct 14, 2022 | The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. | |||
| CVE-2022-41601 | 0.00 | — | 0.00 | Oct 14, 2022 | The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. | |||
| CVE-2022-41594 | 0.00 | — | 0.00 | Oct 14, 2022 | The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. | |||
| CVE-2022-41578 | 0.00 | — | 0.01 | Oct 14, 2022 | The MPTCP module has an out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause root privilege escalation attacks implemented by modifying program information. | |||
| CVE-2022-41581 | 0.00 | — | 0.00 | Oct 14, 2022 | The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access. | |||
| CVE-2022-38983 | 0.00 | — | 0.01 | Oct 14, 2022 | The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution. | |||
| CVE-2021-46840 | 0.00 | — | 0.00 | Oct 14, 2022 | The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access. | |||
| CVE-2022-41576 | 0.00 | — | 0.00 | Oct 14, 2022 | The rphone module has a script that can be maliciously modified.Successful exploitation of this vulnerability may cause irreversible programs to be implanted on user devices. | |||
| CVE-2022-41603 | 0.00 | — | 0.00 | Oct 14, 2022 | The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. | |||
| CVE-2022-41584 | 0.00 | — | 0.00 | Oct 14, 2022 | The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting. | |||
| CVE-2022-38980 | 0.00 | — | 0.01 | Oct 14, 2022 | The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions. | |||
| CVE-2022-39010 | 0.00 | — | 0.01 | Sep 16, 2022 | The HwChrService module has a vulnerability in permission control. Successful exploitation of this vulnerability may cause disclosure of user network information. |
- CVE-2022-38998Oct 14, 2022risk 0.00cvss —epss 0.00
The HISP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality.
- CVE-2022-41580Oct 14, 2022risk 0.00cvss —epss 0.01
The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
- CVE-2022-41588Oct 14, 2022risk 0.00cvss —epss 0.00
The home screen module has a vulnerability in service logic processing.Successful exploitation of this vulnerability may affect data integrity.
- CVE-2022-41602Oct 14, 2022risk 0.00cvss —epss 0.00
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
- CVE-2022-38984Oct 14, 2022risk 0.00cvss —epss 0.00
The HIPP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality.
- CVE-2022-41585Oct 14, 2022risk 0.00cvss —epss 0.00
The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting.
- CVE-2022-41582Oct 14, 2022risk 0.00cvss —epss 0.00
The security module has configuration defects.Successful exploitation of this vulnerability may affect system availability.
- CVE-2022-41577Oct 14, 2022risk 0.00cvss —epss 0.00
The kernel server has a vulnerability of not verifying the length of the data transferred in the user space.Successful exploitation of this vulnerability may cause out-of-bounds read in the kernel, which affects the device confidentiality and availability.
- CVE-2022-41597Oct 14, 2022risk 0.00cvss —epss 0.00
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
- CVE-2022-41601Oct 14, 2022risk 0.00cvss —epss 0.00
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
- CVE-2022-41594Oct 14, 2022risk 0.00cvss —epss 0.00
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
- CVE-2022-41578Oct 14, 2022risk 0.00cvss —epss 0.01
The MPTCP module has an out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause root privilege escalation attacks implemented by modifying program information.
- CVE-2022-41581Oct 14, 2022risk 0.00cvss —epss 0.00
The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
- CVE-2022-38983Oct 14, 2022risk 0.00cvss —epss 0.01
The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution.
- CVE-2021-46840Oct 14, 2022risk 0.00cvss —epss 0.00
The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
- CVE-2022-41576Oct 14, 2022risk 0.00cvss —epss 0.00
The rphone module has a script that can be maliciously modified.Successful exploitation of this vulnerability may cause irreversible programs to be implanted on user devices.
- CVE-2022-41603Oct 14, 2022risk 0.00cvss —epss 0.00
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
- CVE-2022-41584Oct 14, 2022risk 0.00cvss —epss 0.00
The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting.
- CVE-2022-38980Oct 14, 2022risk 0.00cvss —epss 0.01
The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions.
- CVE-2022-39010Sep 16, 2022risk 0.00cvss —epss 0.01
The HwChrService module has a vulnerability in permission control. Successful exploitation of this vulnerability may cause disclosure of user network information.
Page 39 of 54