Harmonyos
by Huawei
CVEs (1,067)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-29796 | 0.00 | — | 0.01 | May 13, 2022 | The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. | |||
| CVE-2022-29795 | 0.00 | — | 0.01 | May 13, 2022 | The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability. | |||
| CVE-2022-29794 | 0.00 | — | 0.01 | May 13, 2022 | The frame scheduling module has a Use After Free (UAF) vulnerability.Successful exploitation of this vulnerability will affect data integrity, availability, and confidentiality. | |||
| CVE-2022-29792 | 0.00 | — | 0.01 | May 13, 2022 | The chip component has a vulnerability of disclosing CPU SNs.Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-29791 | 0.00 | — | 0.01 | May 13, 2022 | The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. | |||
| CVE-2022-29790 | 0.00 | — | 0.01 | May 13, 2022 | The graphics acceleration service has a vulnerability in multi-thread access to the database.Successful exploitation of this vulnerability may cause service exceptions. | |||
| CVE-2022-29789 | 0.00 | — | 0.01 | May 13, 2022 | The HiAIserver has a vulnerability in verifying the validity of the properties used in the model.Successful exploitation of this vulnerability will affect AI services. | |||
| CVE-2022-22261 | 0.00 | — | 0.01 | May 13, 2022 | The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. | |||
| CVE-2022-22260 | 0.00 | — | 0.01 | May 13, 2022 | The kernel module has a UAF vulnerability.Successful exploitation of this vulnerability will affect data integrity and availability. | |||
| CVE-2021-46787 | 0.00 | — | 0.01 | May 13, 2022 | The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash. | |||
| CVE-2021-46786 | 0.00 | — | 0.01 | May 13, 2022 | The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access. | |||
| CVE-2021-46785 | 0.00 | — | 0.01 | May 13, 2022 | The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier. | |||
| CVE-2021-40065 | 0.00 | — | 0.01 | Apr 11, 2022 | The communication module has a service logic error vulnerability.Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2021-46740 | 0.00 | — | 0.01 | Apr 11, 2022 | The device authentication service module has a defect vulnerability introduced in the design process.Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2021-46742 | 0.00 | — | 0.01 | Apr 11, 2022 | The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability. | |||
| CVE-2022-22253 | 0.00 | — | 0.00 | Apr 11, 2022 | The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability. | |||
| CVE-2022-22254 | 0.00 | — | 0.01 | Apr 11, 2022 | A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-22255 | 0.00 | — | 0.01 | Apr 11, 2022 | The application framework has a common DoS vulnerability.Successful exploitation of this vulnerability may affect the availability. | |||
| CVE-2022-22256 | 0.00 | — | 0.01 | Apr 11, 2022 | The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-22257 | 0.00 | — | 0.01 | Apr 11, 2022 | The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity. |
- CVE-2022-29796May 13, 2022risk 0.00cvss —epss 0.01
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services.
- CVE-2022-29795May 13, 2022risk 0.00cvss —epss 0.01
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
- CVE-2022-29794May 13, 2022risk 0.00cvss —epss 0.01
The frame scheduling module has a Use After Free (UAF) vulnerability.Successful exploitation of this vulnerability will affect data integrity, availability, and confidentiality.
- CVE-2022-29792May 13, 2022risk 0.00cvss —epss 0.01
The chip component has a vulnerability of disclosing CPU SNs.Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-29791May 13, 2022risk 0.00cvss —epss 0.01
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services.
- CVE-2022-29790May 13, 2022risk 0.00cvss —epss 0.01
The graphics acceleration service has a vulnerability in multi-thread access to the database.Successful exploitation of this vulnerability may cause service exceptions.
- CVE-2022-29789May 13, 2022risk 0.00cvss —epss 0.01
The HiAIserver has a vulnerability in verifying the validity of the properties used in the model.Successful exploitation of this vulnerability will affect AI services.
- CVE-2022-22261May 13, 2022risk 0.00cvss —epss 0.01
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services.
- CVE-2022-22260May 13, 2022risk 0.00cvss —epss 0.01
The kernel module has a UAF vulnerability.Successful exploitation of this vulnerability will affect data integrity and availability.
- CVE-2021-46787May 13, 2022risk 0.00cvss —epss 0.01
The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash.
- CVE-2021-46786May 13, 2022risk 0.00cvss —epss 0.01
The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access.
- CVE-2021-46785May 13, 2022risk 0.00cvss —epss 0.01
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
- CVE-2021-40065Apr 11, 2022risk 0.00cvss —epss 0.01
The communication module has a service logic error vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2021-46740Apr 11, 2022risk 0.00cvss —epss 0.01
The device authentication service module has a defect vulnerability introduced in the design process.Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2021-46742Apr 11, 2022risk 0.00cvss —epss 0.01
The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability.
- CVE-2022-22253Apr 11, 2022risk 0.00cvss —epss 0.00
The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability.
- CVE-2022-22254Apr 11, 2022risk 0.00cvss —epss 0.01
A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-22255Apr 11, 2022risk 0.00cvss —epss 0.01
The application framework has a common DoS vulnerability.Successful exploitation of this vulnerability may affect the availability.
- CVE-2022-22256Apr 11, 2022risk 0.00cvss —epss 0.01
The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-22257Apr 11, 2022risk 0.00cvss —epss 0.01
The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity.
Page 43 of 54