VYPR

Vendor CVEs

Huawei

All CVEs

2,253 total · sorted by risk
  • CVE-2021-37107MedFeb 9, 2022
    risk 0.36cvss 5.5epss 0.00

    There is an improper memory access permission configuration on ACPU.Successful exploitation of this vulnerability may cause out-of-bounds access.

  • CVE-2021-40033MedJan 31, 2022
    risk 0.36cvss 5.5epss 0.00

    There is an information exposure vulnerability on several Huawei Products. The vulnerability is due to that the software does not properly protect certain information. Successful exploit could cause information disclosure. Affected product versions include: CloudEngine 12800…

  • CVE-2021-40037MedJan 10, 2022
    risk 0.36cvss 5.5epss 0.00

    There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.

  • CVE-2021-37036MedNov 23, 2021
    risk 0.36cvss 5.5epss 0.00

    There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and V100R005C10. Due to the improperly storage of specific information in the log file, the attacker can obtain the information when a user logs in to the device. Successful exploit may…

  • CVE-2021-22471MedOct 28, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash.

  • CVE-2021-22467MedOct 28, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address.

  • CVE-2021-22466MedOct 28, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of the HarmonyOS has a Use After Free vulnerability. Local attackers may exploit this vulnerability to cause kernel crash.

  • CVE-2021-22465MedOct 28, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of the HarmonyOS has a Heap-based Buffer Overflow vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable.

  • CVE-2021-22463MedOct 28, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of the HarmonyOS has a Use After Free vulnerability . Local attackers may exploit this vulnerability to cause Kernel Information disclosure.

  • CVE-2021-22462MedOct 28, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause kernel crash.

  • CVE-2021-22461MedOct 28, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of the HarmonyOS has a Allocation of Resources Without Limits or Throttling vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash.

  • CVE-2021-22460MedOct 28, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to bypass the control mechanism.

  • CVE-2021-22459MedOct 28, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause System functions which are unavailable.

  • CVE-2021-22456MedOct 28, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable.

  • CVE-2021-22455MedOct 28, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause the memory which is not released.

  • CVE-2021-22454MedOct 28, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause core dump.

  • CVE-2021-22452MedOct 28, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address.

  • CVE-2021-22450MedOct 28, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of the HarmonyOS has a Incomplete Cleanup vulnerability. Local attackers may exploit this vulnerability to cause memory exhaustion.

  • CVE-2021-22295MedAug 6, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of the HarmonyOS has a permission bypass vulnerability. Local attackers may exploit this vulnerability to cause the device to hang due to the page error OsVmPageFaultHandler.

  • CVE-2021-22424MedAug 3, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of the HarmonyOS has a Kernel Memory Leakage Vulnerability. Local attackers may exploit this vulnerability to cause Kernel Denial of Service.

  • CVE-2021-22419MedAug 3, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to cause persistent dos.

  • CVE-2021-22417MedAug 3, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Memory Leakage.

  • CVE-2021-22400MedAug 3, 2021
    risk 0.36cvss 5.5epss 0.00

    Some Huawei Smartphones has an insufficient input validation vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The app can modify specific parameters, causing the system to crash. Affected product…

  • CVE-2021-22318MedJul 14, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of the HarmonyOS 2.0 has a Null Pointer Dereference Vulnerability. Local attackers may exploit this vulnerability to cause system denial of service.

  • CVE-2021-22399MedJul 13, 2021
    risk 0.36cvss 5.5epss 0.00

    The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal.…

  • CVE-2021-22366MedJun 22, 2021
    risk 0.36cvss 5.5epss 0.00

    There is an out-of-bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerability is due to a function that handles an internal message contains an out-of-bounds read vulnerability. An attacker could crafted messages between…

  • CVE-2021-22364MedMay 27, 2021
    risk 0.36cvss 5.5epss 0.00

    There is a denial of service vulnerability in the versions 10.1.0.126(C00E125R5P3) of HUAWEI Mate 30 and 10.1.0.152(C00E136R7P2) of HUAWEI Mate 30 (5G) . A module does not verify certain parameters sufficiently and it leads to some exceptions. Successful exploit could cause a…

  • CVE-2020-9148MedApr 1, 2021
    risk 0.36cvss 5.5epss 0.00

    An application bypass mechanism vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to delete user SMS messages.

  • CVE-2020-9146MedApr 1, 2021
    risk 0.36cvss 5.5epss 0.00

    A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to cause memory leakage and doS attacks by carefully constructing attack scenarios.

  • CVE-2021-22296MedMar 2, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of HarmonyOS 2.0 has a DoS vulnerability. Local attackers may exploit this vulnerability to mount a file system to the target device, causing DoS of the file system.

  • CVE-2021-22307MedFeb 6, 2021
    risk 0.36cvss 5.5epss 0.00

    There is a weak algorithm vulnerability in Mate 3010.0.0.203(C00E201R7P2). The protection is insufficient for the modules that should be protected. Local attackers can exploit this vulnerability to affect the integrity of certain module.

  • CVE-2020-9093MedDec 29, 2020
    risk 0.36cvss 5.5epss 0.00

    There is a use after free vulnerability in Taurus-AL00A versions 10.0.0.1(C00E1R1P1). A module does not deal with specific message properly, which makes a function refer to memory after it has been freed. Attackers can exploit this vulnerability by running a crafted application…

  • CVE-2020-1848MedDec 29, 2020
    risk 0.36cvss 5.5epss 0.00

    There is a resource management error vulnerability in Jackman-AL00D versions 8.2.0.185(C00R2P1). Local attackers construct malicious application files, causing system applications to run abnormally.

  • CVE-2020-9240MedOct 12, 2020
    risk 0.36cvss 5.5epss 0.00

    Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buffer overflow vulnerability. A function in a module does not verify inputs sufficiently. Attackers can exploit this vulnerability by sending specific request. This could compromise normal service of the affected…

  • CVE-2020-9108MedOct 12, 2020
    risk 0.36cvss 5.5epss 0.00

    HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of…

  • CVE-2020-9107MedOct 12, 2020
    risk 0.36cvss 5.5epss 0.00

    HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of…

  • CVE-2020-9091MedOct 12, 2020
    risk 0.36cvss 5.5epss 0.00

    Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an out-of-bounds read and write vulnerability. Some functions do not verify inputs sufficiently. Attackers can exploit this vulnerability by sending specific request. This could compromise normal service of the…

  • CVE-2020-9087MedOct 12, 2020
    risk 0.36cvss 5.5epss 0.00

    Taurus-AL00A version 10.0.0.1(C00E1R1P1) has an out-of-bounds read vulnerability in XFRM module. An authenticated, local attacker may perform a specific operation to exploit this vulnerability. Due to insufficient validation of the parameters, which may be exploited to cause…

  • CVE-2020-9239MedSep 11, 2020
    risk 0.36cvss 5.5epss 0.00

    Huawei smartphones BLA-A09 versions 8.0.0.123(C212),versions earlier than 8.0.0.123(C567),versions earlier than 8.0.0.123(C797);BLA-TL00B versions earlier than 8.1.0.326(C01);Berkeley-L09 versions earlier than 8.0.0.163(C10),versions earlier than 8.0.0.163(C432),Versions earlier…

  • CVE-2020-9235MedSep 3, 2020
    risk 0.36cvss 5.5epss 0.00

    Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than…

  • CVE-2020-9096MedAug 21, 2020
    risk 0.36cvss 5.5epss 0.00

    HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160(C00E160R2P8) have an out of bound read vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious…

  • CVE-2020-9095MedAug 21, 2020
    risk 0.36cvss 5.5epss 0.00

    HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E160R2P8) has an integer overflow vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message…

  • CVE-2020-9245MedAug 10, 2020
    risk 0.36cvss 5.5epss 0.00

    HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8) have a denial of service vulnerability. Certain system configuration can be modified because of improper authorization. The attacker could…

  • CVE-2020-9243MedAug 10, 2020
    risk 0.36cvss 5.5epss 0.00

    HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a denial of service vulnerability. The system does not properly limit the depth of recursion, an attacker should trick the user installing and execute a malicious application. Successful exploit could cause a…

  • CVE-2020-9255MedJul 17, 2020
    risk 0.36cvss 5.5epss 0.00

    Huawei Honor 10 smartphones with versions earlier than 10.0.0.178(C00E178R1P4) have a denial of service vulnerability. Certain service in the system does not sufficiently validate certain parameter which is received, the attacker should trick the user into installing a malicious…

  • CVE-2020-9227MedJul 17, 2020
    risk 0.36cvss 5.5epss 0.00

    Huawei Smart Phones Moana-AL00B with versions earlier than 10.1.0.166 have a missing initialization of resource vulnerability. An attacker tricks the user into installing then running a crafted application. Due to improper initialization of specific parameters, successful…

  • CVE-2020-9258MedJul 10, 2020
    risk 0.36cvss 5.5epss 0.00

    HUAWEI P30 smartphone with versions earlier than 10.1.0.135(C00E135R2P11) have an improper input verification vulnerability. An attribution in a module is not set correctly and some verification is lacked. Attackers with local access can exploit this vulnerability by injecting…

  • CVE-2020-9226MedJul 6, 2020
    risk 0.36cvss 5.5epss 0.00

    HUAWEI P30 with versions earlier than 10.1.0.135(C00E135R2P11) have an improper signature verification vulnerability. The system does not improper check signature of specific software package, an attacker may exploit this vulnerability to load a crafted software package to the…

  • CVE-2020-1838MedJul 6, 2020
    risk 0.36cvss 5.5epss 0.00

    HUAWEI Mate 30 Pro with versions earlier than 10.1.0.150(C00E136R5P3) have is an improper authentication vulnerability. The device does not sufficiently validate certain credential of user's face, an attacker could craft the credential of the user, successful exploit could allow…

  • CVE-2020-1880MedApr 27, 2020
    risk 0.36cvss 5.5epss 0.01

    Huawei smartphone Lion-AL00C with versions earlier than 10.0.0.205(C00E202R7P2) have a denial of service vulnerability. An attacker crafted specially file to the affected device. Due to insufficient input validation of the value when executing the file, successful exploit may…

Page 26 of 46