Harmonyos
by Huawei
CVEs (1,067)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-39970 | 0.00 | — | 0.01 | Jan 3, 2022 | HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission. | |||
| CVE-2021-37134 | 0.00 | — | 0.00 | Jan 3, 2022 | Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for invoking the interface of location-related components. | |||
| CVE-2021-39968 | 0.00 | — | 0.01 | Jan 3, 2022 | Changlian Blocklist has a Business Logic Errors vulnerability .Successful exploitation of this vulnerability may expand the attack surface of the message class. | |||
| CVE-2021-37132 | 0.00 | — | 0.01 | Jan 3, 2022 | PackageManagerService has a Permissions, Privileges, and Access Controls vulnerability .Successful exploitation of this vulnerability may cause that Third-party apps can obtain the complete list of Harmony apps without permission. | |||
| CVE-2021-37126 | 0.00 | — | 0.01 | Jan 3, 2022 | Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause the directory is traversed. | |||
| CVE-2021-37128 | 0.00 | — | 0.01 | Jan 3, 2022 | HwPCAssistant has a Path Traversal vulnerability .Successful exploitation of this vulnerability may write any file. | |||
| CVE-2021-37125 | 0.00 | — | 0.01 | Jan 3, 2022 | Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause confidentiality is affected. | |||
| CVE-2021-37116 | 0.00 | — | 0.01 | Jan 3, 2022 | PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of this vulnerability may cause that the PIN of the subscriber is changed. | |||
| CVE-2021-37098 | 0.00 | — | 0.01 | Jan 3, 2022 | Hilinksvc service exists a Data Processing Errors vulnerability .Successful exploitation of this vulnerability may cause application crash. | |||
| CVE-2021-37097 | 0.00 | — | 0.01 | Dec 8, 2021 | There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system restart. | |||
| CVE-2021-37093 | 0.00 | — | 0.01 | Dec 8, 2021 | There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers steal short messages. | |||
| CVE-2021-37092 | 0.00 | — | 0.01 | Dec 8, 2021 | There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected. | |||
| CVE-2021-37075 | 0.00 | — | 0.01 | Dec 8, 2021 | There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected. | |||
| CVE-2021-37074 | 0.00 | — | 0.01 | Dec 8, 2021 | There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation. | |||
| CVE-2021-37069 | 0.00 | — | 0.01 | Dec 8, 2021 | There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected. | |||
| CVE-2021-37054 | 0.00 | — | 0.01 | Dec 8, 2021 | There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2021-37053 | 0.00 | — | 0.01 | Dec 8, 2021 | There is a Service logic vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS. | |||
| CVE-2021-37052 | 0.00 | — | 0.01 | Dec 8, 2021 | There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause address information leakage. | |||
| CVE-2021-37051 | 0.00 | — | 0.01 | Dec 8, 2021 | There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access. | |||
| CVE-2021-37050 | 0.00 | — | 0.00 | Dec 8, 2021 | There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. |
- CVE-2021-39970Jan 3, 2022risk 0.00cvss —epss 0.01
HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission.
- CVE-2021-37134Jan 3, 2022risk 0.00cvss —epss 0.00
Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for invoking the interface of location-related components.
- CVE-2021-39968Jan 3, 2022risk 0.00cvss —epss 0.01
Changlian Blocklist has a Business Logic Errors vulnerability .Successful exploitation of this vulnerability may expand the attack surface of the message class.
- CVE-2021-37132Jan 3, 2022risk 0.00cvss —epss 0.01
PackageManagerService has a Permissions, Privileges, and Access Controls vulnerability .Successful exploitation of this vulnerability may cause that Third-party apps can obtain the complete list of Harmony apps without permission.
- CVE-2021-37126Jan 3, 2022risk 0.00cvss —epss 0.01
Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause the directory is traversed.
- CVE-2021-37128Jan 3, 2022risk 0.00cvss —epss 0.01
HwPCAssistant has a Path Traversal vulnerability .Successful exploitation of this vulnerability may write any file.
- CVE-2021-37125Jan 3, 2022risk 0.00cvss —epss 0.01
Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause confidentiality is affected.
- CVE-2021-37116Jan 3, 2022risk 0.00cvss —epss 0.01
PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of this vulnerability may cause that the PIN of the subscriber is changed.
- CVE-2021-37098Jan 3, 2022risk 0.00cvss —epss 0.01
Hilinksvc service exists a Data Processing Errors vulnerability .Successful exploitation of this vulnerability may cause application crash.
- CVE-2021-37097Dec 8, 2021risk 0.00cvss —epss 0.01
There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system restart.
- CVE-2021-37093Dec 8, 2021risk 0.00cvss —epss 0.01
There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers steal short messages.
- CVE-2021-37092Dec 8, 2021risk 0.00cvss —epss 0.01
There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.
- CVE-2021-37075Dec 8, 2021risk 0.00cvss —epss 0.01
There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected.
- CVE-2021-37074Dec 8, 2021risk 0.00cvss —epss 0.01
There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation.
- CVE-2021-37069Dec 8, 2021risk 0.00cvss —epss 0.01
There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.
- CVE-2021-37054Dec 8, 2021risk 0.00cvss —epss 0.01
There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2021-37053Dec 8, 2021risk 0.00cvss —epss 0.01
There is a Service logic vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.
- CVE-2021-37052Dec 8, 2021risk 0.00cvss —epss 0.01
There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause address information leakage.
- CVE-2021-37051Dec 8, 2021risk 0.00cvss —epss 0.01
There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access.
- CVE-2021-37050Dec 8, 2021risk 0.00cvss —epss 0.00
There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
Page 48 of 54