Emui
by Huawei
CVEs (745)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-26547 | 0.00 | — | 0.00 | Mar 27, 2023 | The InputMethod module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. | |||
| CVE-2022-48359 | 0.00 | — | 0.00 | Mar 27, 2023 | The recovery mode for updates has a vulnerability that causes arbitrary disk modification. Successful exploitation of this vulnerability may affect confidentiality. | |||
| CVE-2022-48348 | 0.00 | — | 0.00 | Mar 27, 2023 | The MediaProvider module has a vulnerability of unauthorized data read. Successful exploitation of this vulnerability may affect confidentiality and integrity. | |||
| CVE-2022-48347 | 0.00 | — | 0.00 | Mar 27, 2023 | The MediaProvider module has a vulnerability in permission verification. Successful exploitation of this vulnerability may affect confidentiality. | |||
| CVE-2022-48353 | 0.00 | — | 0.00 | Mar 27, 2023 | Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause kernel privilege escalation, which results in system service exceptions. | |||
| CVE-2022-48356 | 0.00 | — | 0.00 | Mar 27, 2023 | The facial recognition module has a vulnerability in input parameter verification. Successful exploitation of this vulnerability may cause failed facial recognition. | |||
| CVE-2022-48291 | 0.00 | — | 0.00 | Mar 27, 2023 | The Bluetooth module has an authentication bypass vulnerability in the pairing process. Successful exploitation of this vulnerability may affect confidentiality. | |||
| CVE-2022-48298 | 0.00 | — | 0.00 | Feb 9, 2023 | The geofencing kernel code does not verify the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access. | |||
| CVE-2022-48292 | 0.00 | — | 0.00 | Feb 9, 2023 | The Bluetooth module has an out-of-memory (OOM) vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-48295 | 0.00 | — | 0.00 | Feb 9, 2023 | The IHwAntiMalPlugin interface lacks permission verification. Successful exploitation of this vulnerability can lead to filling problems (batch installation of applications). | |||
| CVE-2022-48294 | 0.00 | — | 0.00 | Feb 9, 2023 | The IHwAttestationService interface has a defect in authentication. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-48296 | 0.00 | — | 0.00 | Feb 9, 2023 | The SystemUI has a vulnerability in permission management. Successful exploitation of this vulnerability may cause users to receive broadcasts from malicious apps, conveying false alarm information about external storage devices. | |||
| CVE-2022-48286 | 0.00 | — | 0.00 | Feb 9, 2023 | The multi-screen collaboration module has a privilege escalation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-48288 | 0.00 | — | 0.00 | Feb 9, 2023 | The bundle management module lacks authentication and control mechanisms in some APIs. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-48301 | 0.00 | — | 0.00 | Feb 9, 2023 | The bundle management module lacks permission verification in some APIs. Successful exploitation of this vulnerability may restore the pre-installed apps that have been uninstalled. | |||
| CVE-2022-48287 | 0.00 | — | 0.00 | Feb 9, 2023 | The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect data integrity. | |||
| CVE-2022-48297 | 0.00 | — | 0.00 | Feb 9, 2023 | The geofencing kernel code has a vulnerability of not verifying the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access. | |||
| CVE-2022-48300 | 0.00 | — | 0.00 | Feb 9, 2023 | The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-48293 | 0.00 | — | 0.00 | Feb 9, 2023 | The Bluetooth module has an OOM vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-48302 | 0.00 | — | 0.00 | Feb 9, 2023 | The AMS module has a vulnerability of lacking permission verification in APIs.Successful exploitation of this vulnerability may affect data confidentiality. |
- CVE-2023-26547Mar 27, 2023risk 0.00cvss —epss 0.00
The InputMethod module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.
- CVE-2022-48359Mar 27, 2023risk 0.00cvss —epss 0.00
The recovery mode for updates has a vulnerability that causes arbitrary disk modification. Successful exploitation of this vulnerability may affect confidentiality.
- CVE-2022-48348Mar 27, 2023risk 0.00cvss —epss 0.00
The MediaProvider module has a vulnerability of unauthorized data read. Successful exploitation of this vulnerability may affect confidentiality and integrity.
- CVE-2022-48347Mar 27, 2023risk 0.00cvss —epss 0.00
The MediaProvider module has a vulnerability in permission verification. Successful exploitation of this vulnerability may affect confidentiality.
- CVE-2022-48353Mar 27, 2023risk 0.00cvss —epss 0.00
Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause kernel privilege escalation, which results in system service exceptions.
- CVE-2022-48356Mar 27, 2023risk 0.00cvss —epss 0.00
The facial recognition module has a vulnerability in input parameter verification. Successful exploitation of this vulnerability may cause failed facial recognition.
- CVE-2022-48291Mar 27, 2023risk 0.00cvss —epss 0.00
The Bluetooth module has an authentication bypass vulnerability in the pairing process. Successful exploitation of this vulnerability may affect confidentiality.
- CVE-2022-48298Feb 9, 2023risk 0.00cvss —epss 0.00
The geofencing kernel code does not verify the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access.
- CVE-2022-48292Feb 9, 2023risk 0.00cvss —epss 0.00
The Bluetooth module has an out-of-memory (OOM) vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-48295Feb 9, 2023risk 0.00cvss —epss 0.00
The IHwAntiMalPlugin interface lacks permission verification. Successful exploitation of this vulnerability can lead to filling problems (batch installation of applications).
- CVE-2022-48294Feb 9, 2023risk 0.00cvss —epss 0.00
The IHwAttestationService interface has a defect in authentication. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-48296Feb 9, 2023risk 0.00cvss —epss 0.00
The SystemUI has a vulnerability in permission management. Successful exploitation of this vulnerability may cause users to receive broadcasts from malicious apps, conveying false alarm information about external storage devices.
- CVE-2022-48286Feb 9, 2023risk 0.00cvss —epss 0.00
The multi-screen collaboration module has a privilege escalation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-48288Feb 9, 2023risk 0.00cvss —epss 0.00
The bundle management module lacks authentication and control mechanisms in some APIs. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-48301Feb 9, 2023risk 0.00cvss —epss 0.00
The bundle management module lacks permission verification in some APIs. Successful exploitation of this vulnerability may restore the pre-installed apps that have been uninstalled.
- CVE-2022-48287Feb 9, 2023risk 0.00cvss —epss 0.00
The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect data integrity.
- CVE-2022-48297Feb 9, 2023risk 0.00cvss —epss 0.00
The geofencing kernel code has a vulnerability of not verifying the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access.
- CVE-2022-48300Feb 9, 2023risk 0.00cvss —epss 0.00
The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-48293Feb 9, 2023risk 0.00cvss —epss 0.00
The Bluetooth module has an OOM vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-48302Feb 9, 2023risk 0.00cvss —epss 0.00
The AMS module has a vulnerability of lacking permission verification in APIs.Successful exploitation of this vulnerability may affect data confidentiality.
Page 21 of 38