Harmonyos
by Huawei
CVEs (1,067)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-22489 | 0.00 | — | 0.01 | Feb 25, 2022 | There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service availability. | |||
| CVE-2021-22480 | 0.00 | — | 0.01 | Feb 25, 2022 | The interface of a certain HarmonyOS module has an integer overflow vulnerability. Successful exploitation of this vulnerability may lead to heap memory overflow. | |||
| CVE-2021-22479 | 0.00 | — | 0.00 | Feb 25, 2022 | The interface of a certain HarmonyOS module has an invalid address access vulnerability. Successful exploitation of this vulnerability may lead to kernel crash. | |||
| CVE-2021-22441 | 0.00 | — | 0.00 | Feb 25, 2022 | Some Huawei products have an integer overflow vulnerability. Successful exploitation of this vulnerability may lead to kernel crash. | |||
| CVE-2021-22478 | 0.00 | — | 0.00 | Feb 25, 2022 | The interface of a certain HarmonyOS module has a UAF vulnerability. Successful exploitation of this vulnerability may lead to information leakage. | |||
| CVE-2021-40015 | 0.00 | — | 0.00 | Feb 9, 2022 | There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability. | |||
| CVE-2021-40045 | 0.00 | — | 0.00 | Feb 9, 2022 | There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2021-39998 | 0.00 | — | 0.01 | Jan 7, 2022 | There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart. | |||
| CVE-2021-40032 | 0.00 | — | 0.01 | Jan 7, 2022 | The bone voice ID TA has a vulnerability in information management,Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2021-40028 | 0.00 | — | 0.01 | Jan 7, 2022 | The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data integrity. | |||
| CVE-2021-40027 | 0.00 | — | 0.01 | Jan 7, 2022 | The bone voice ID TA has a vulnerability in calculating the buffer length,Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2021-40025 | 0.00 | — | 0.01 | Jan 7, 2022 | The eID module has a vulnerability that causes the memory to be used without being initialized,Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2021-40022 | 0.00 | — | 0.01 | Jan 7, 2022 | The weaver module has a vulnerability in parameter type verification,Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2021-40021 | 0.00 | — | 0.01 | Jan 7, 2022 | The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2021-40018 | 0.00 | — | 0.01 | Jan 7, 2022 | The eID module has a null pointer reference vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2021-40014 | 0.00 | — | 0.01 | Jan 7, 2022 | The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2021-40039 | 0.00 | — | 0.01 | Jan 7, 2022 | There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity. | |||
| CVE-2021-40038 | 0.00 | — | 0.01 | Jan 7, 2022 | There is a Double free vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity. | |||
| CVE-2021-40037 | 0.00 | — | 0.00 | Jan 7, 2022 | There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart. | |||
| CVE-2021-40035 | 0.00 | — | 0.01 | Jan 7, 2022 | There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability. |
- CVE-2021-22489Feb 25, 2022risk 0.00cvss —epss 0.01
There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service availability.
- CVE-2021-22480Feb 25, 2022risk 0.00cvss —epss 0.01
The interface of a certain HarmonyOS module has an integer overflow vulnerability. Successful exploitation of this vulnerability may lead to heap memory overflow.
- CVE-2021-22479Feb 25, 2022risk 0.00cvss —epss 0.00
The interface of a certain HarmonyOS module has an invalid address access vulnerability. Successful exploitation of this vulnerability may lead to kernel crash.
- CVE-2021-22441Feb 25, 2022risk 0.00cvss —epss 0.00
Some Huawei products have an integer overflow vulnerability. Successful exploitation of this vulnerability may lead to kernel crash.
- CVE-2021-22478Feb 25, 2022risk 0.00cvss —epss 0.00
The interface of a certain HarmonyOS module has a UAF vulnerability. Successful exploitation of this vulnerability may lead to information leakage.
- CVE-2021-40015Feb 9, 2022risk 0.00cvss —epss 0.00
There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability.
- CVE-2021-40045Feb 9, 2022risk 0.00cvss —epss 0.00
There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2021-39998Jan 7, 2022risk 0.00cvss —epss 0.01
There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.
- CVE-2021-40032Jan 7, 2022risk 0.00cvss —epss 0.01
The bone voice ID TA has a vulnerability in information management,Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2021-40028Jan 7, 2022risk 0.00cvss —epss 0.01
The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data integrity.
- CVE-2021-40027Jan 7, 2022risk 0.00cvss —epss 0.01
The bone voice ID TA has a vulnerability in calculating the buffer length,Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2021-40025Jan 7, 2022risk 0.00cvss —epss 0.01
The eID module has a vulnerability that causes the memory to be used without being initialized,Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2021-40022Jan 7, 2022risk 0.00cvss —epss 0.01
The weaver module has a vulnerability in parameter type verification,Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2021-40021Jan 7, 2022risk 0.00cvss —epss 0.01
The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2021-40018Jan 7, 2022risk 0.00cvss —epss 0.01
The eID module has a null pointer reference vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2021-40014Jan 7, 2022risk 0.00cvss —epss 0.01
The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2021-40039Jan 7, 2022risk 0.00cvss —epss 0.01
There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
- CVE-2021-40038Jan 7, 2022risk 0.00cvss —epss 0.01
There is a Double free vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
- CVE-2021-40037Jan 7, 2022risk 0.00cvss —epss 0.00
There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.
- CVE-2021-40035Jan 7, 2022risk 0.00cvss —epss 0.01
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.
Page 45 of 54