Emui
by Huawei
CVEs (745)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-46312 | 0.00 | — | 0.00 | Dec 20, 2022 | The application management module has a vulnerability in permission verification. Successful exploitation of this vulnerability causes unexpected clear of device applications. | |||
| CVE-2022-41591 | 0.00 | — | 0.01 | Dec 20, 2022 | The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability causes unauthorized access to other system files. | |||
| CVE-2022-46319 | 0.00 | — | 0.00 | Dec 20, 2022 | Fingerprint calibration has a vulnerability of lacking boundary judgment. Successful exploitation of this vulnerability may cause out-of-bounds write. | |||
| CVE-2022-46324 | 0.00 | — | 0.00 | Dec 20, 2022 | Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions. | |||
| CVE-2022-46327 | 0.00 | — | 0.00 | Dec 20, 2022 | Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause privilege escalation, which results in system service exceptions. | |||
| CVE-2022-46321 | 0.00 | — | 0.00 | Dec 20, 2022 | The Wi-Fi module has a vulnerability in permission verification. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-46320 | 0.00 | — | 0.00 | Dec 20, 2022 | The kernel module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may cause memory overwriting. | |||
| CVE-2021-46852 | 0.00 | — | 0.00 | Nov 9, 2022 | The memory management module has the logic bypass vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-44550 | 0.00 | — | 0.00 | Nov 9, 2022 | The graphics display module has a UAF vulnerability when traversing graphic layers. Successful exploitation of this vulnerability may affect system availability. | |||
| CVE-2022-44552 | 0.00 | — | 0.00 | Nov 9, 2022 | The lock screen module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability. | |||
| CVE-2022-44547 | 0.00 | — | 0.00 | Nov 9, 2022 | The Display Service module has a UAF vulnerability. Successful exploitation of this vulnerability may affect the display service availability. | |||
| CVE-2022-44558 | 0.00 | — | 0.01 | Nov 9, 2022 | The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. | |||
| CVE-2022-44555 | 0.00 | — | 0.00 | Nov 9, 2022 | The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable. | |||
| CVE-2022-44560 | 0.00 | — | 0.00 | Nov 9, 2022 | The launcher module has an Intent redirection vulnerability. Successful exploitation of this vulnerability may cause launcher module data to be modified. | |||
| CVE-2022-44548 | 0.00 | — | 0.00 | Nov 9, 2022 | There is a vulnerability in permission verification during the Bluetooth pairing process. Successful exploitation of this vulnerability may cause the dialog box for confirming the pairing not to be displayed during Bluetooth pairing. | |||
| CVE-2022-44549 | 0.00 | — | 0.00 | Nov 9, 2022 | The LBS module has a vulnerability in geofencing API access. Successful exploitation of this vulnerability may cause third-party apps to access the geofencing APIs without authorization, affecting user confidentiality. | |||
| CVE-2022-44561 | 0.00 | — | 0.00 | Nov 9, 2022 | The preset launcher module has a permission verification vulnerability. Successful exploitation of this vulnerability makes unauthorized apps add arbitrary widgets and shortcuts without interaction. | |||
| CVE-2022-44562 | 0.00 | — | 0.01 | Nov 9, 2022 | The system framework layer has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. | |||
| CVE-2022-44557 | 0.00 | — | 0.00 | Nov 9, 2022 | The SmartTrimProcessEvent module has a vulnerability of obtaining the read and write permissions on arbitrary system files. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-44554 | 0.00 | — | 0.00 | Nov 9, 2022 | The power module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause abnormal status of a module on the device. |
- CVE-2022-46312Dec 20, 2022risk 0.00cvss —epss 0.00
The application management module has a vulnerability in permission verification. Successful exploitation of this vulnerability causes unexpected clear of device applications.
- CVE-2022-41591Dec 20, 2022risk 0.00cvss —epss 0.01
The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability causes unauthorized access to other system files.
- CVE-2022-46319Dec 20, 2022risk 0.00cvss —epss 0.00
Fingerprint calibration has a vulnerability of lacking boundary judgment. Successful exploitation of this vulnerability may cause out-of-bounds write.
- CVE-2022-46324Dec 20, 2022risk 0.00cvss —epss 0.00
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.
- CVE-2022-46327Dec 20, 2022risk 0.00cvss —epss 0.00
Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause privilege escalation, which results in system service exceptions.
- CVE-2022-46321Dec 20, 2022risk 0.00cvss —epss 0.00
The Wi-Fi module has a vulnerability in permission verification. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-46320Dec 20, 2022risk 0.00cvss —epss 0.00
The kernel module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may cause memory overwriting.
- CVE-2021-46852Nov 9, 2022risk 0.00cvss —epss 0.00
The memory management module has the logic bypass vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-44550Nov 9, 2022risk 0.00cvss —epss 0.00
The graphics display module has a UAF vulnerability when traversing graphic layers. Successful exploitation of this vulnerability may affect system availability.
- CVE-2022-44552Nov 9, 2022risk 0.00cvss —epss 0.00
The lock screen module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.
- CVE-2022-44547Nov 9, 2022risk 0.00cvss —epss 0.00
The Display Service module has a UAF vulnerability. Successful exploitation of this vulnerability may affect the display service availability.
- CVE-2022-44558Nov 9, 2022risk 0.00cvss —epss 0.01
The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.
- CVE-2022-44555Nov 9, 2022risk 0.00cvss —epss 0.00
The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable.
- CVE-2022-44560Nov 9, 2022risk 0.00cvss —epss 0.00
The launcher module has an Intent redirection vulnerability. Successful exploitation of this vulnerability may cause launcher module data to be modified.
- CVE-2022-44548Nov 9, 2022risk 0.00cvss —epss 0.00
There is a vulnerability in permission verification during the Bluetooth pairing process. Successful exploitation of this vulnerability may cause the dialog box for confirming the pairing not to be displayed during Bluetooth pairing.
- CVE-2022-44549Nov 9, 2022risk 0.00cvss —epss 0.00
The LBS module has a vulnerability in geofencing API access. Successful exploitation of this vulnerability may cause third-party apps to access the geofencing APIs without authorization, affecting user confidentiality.
- CVE-2022-44561Nov 9, 2022risk 0.00cvss —epss 0.00
The preset launcher module has a permission verification vulnerability. Successful exploitation of this vulnerability makes unauthorized apps add arbitrary widgets and shortcuts without interaction.
- CVE-2022-44562Nov 9, 2022risk 0.00cvss —epss 0.01
The system framework layer has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.
- CVE-2022-44557Nov 9, 2022risk 0.00cvss —epss 0.00
The SmartTrimProcessEvent module has a vulnerability of obtaining the read and write permissions on arbitrary system files. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-44554Nov 9, 2022risk 0.00cvss —epss 0.00
The power module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause abnormal status of a module on the device.
Page 23 of 38