Vendor CVEs
Huawei
All CVEs
2,254 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-29798 | 0.00 | — | 0.01 | Jun 13, 2022 | There is a denial of service vulnerability in CV81-WDM FW versions 01.70.49.29.46. Successful exploitation could cause denial of service. | |||
| CVE-2021-40036 | 0.00 | — | 0.01 | Jun 13, 2022 | The bone voice ID TA has a memory overwrite vulnerability. Successful exploitation of this vulnerability may result in malicious code execution. | |||
| CVE-2022-31752 | 0.00 | — | 0.00 | Jun 13, 2022 | Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality. | |||
| CVE-2022-31761 | 0.00 | — | 0.01 | Jun 13, 2022 | Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality. | |||
| CVE-2021-46813 | 0.00 | — | 0.01 | Jun 13, 2022 | Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2022-31754 | 0.00 | — | 0.01 | Jun 13, 2022 | Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features. | |||
| CVE-2021-46811 | 0.00 | — | 0.00 | Jun 13, 2022 | HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information. | |||
| CVE-2022-31753 | 0.00 | — | 0.01 | Jun 13, 2022 | The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability. | |||
| CVE-2022-31757 | 0.00 | — | 0.01 | Jun 13, 2022 | The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2021-46812 | 0.00 | — | 0.01 | Jun 13, 2022 | The Device Manager has a vulnerability in multi-device interaction. Successful exploitation of this vulnerability may affect data integrity. | |||
| CVE-2022-31760 | 0.00 | — | 0.01 | Jun 13, 2022 | Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality. | |||
| CVE-2022-31762 | 0.00 | — | 0.00 | Jun 13, 2022 | The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation. | |||
| CVE-2022-31759 | 0.00 | — | 0.00 | Jun 13, 2022 | AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability. | |||
| CVE-2022-31755 | 0.00 | — | 0.00 | Jun 13, 2022 | The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability. | |||
| CVE-2022-31756 | 0.00 | — | 0.00 | Jun 13, 2022 | The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-31751 | 0.00 | — | 0.00 | Jun 13, 2022 | The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability. | |||
| CVE-2022-31758 | 0.00 | — | 0.00 | Jun 13, 2022 | The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-31763 | 0.00 | — | 0.00 | Jun 13, 2022 | The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability. | |||
| CVE-2021-46814 | 0.00 | — | 0.01 | Jun 13, 2022 | The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability. | |||
| CVE-2022-29796 | 0.00 | — | 0.01 | May 13, 2022 | The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. | |||
| CVE-2022-29795 | 0.00 | — | 0.01 | May 13, 2022 | The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability. | |||
| CVE-2022-29794 | 0.00 | — | 0.01 | May 13, 2022 | The frame scheduling module has a Use After Free (UAF) vulnerability.Successful exploitation of this vulnerability will affect data integrity, availability, and confidentiality. | |||
| CVE-2022-29792 | 0.00 | — | 0.01 | May 13, 2022 | The chip component has a vulnerability of disclosing CPU SNs.Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-29791 | 0.00 | — | 0.01 | May 13, 2022 | The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. | |||
| CVE-2022-29790 | 0.00 | — | 0.01 | May 13, 2022 | The graphics acceleration service has a vulnerability in multi-thread access to the database.Successful exploitation of this vulnerability may cause service exceptions. | |||
| CVE-2022-29789 | 0.00 | — | 0.01 | May 13, 2022 | The HiAIserver has a vulnerability in verifying the validity of the properties used in the model.Successful exploitation of this vulnerability will affect AI services. | |||
| CVE-2022-22261 | 0.00 | — | 0.01 | May 13, 2022 | The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. | |||
| CVE-2022-22260 | 0.00 | — | 0.01 | May 13, 2022 | The kernel module has a UAF vulnerability.Successful exploitation of this vulnerability will affect data integrity and availability. | |||
| CVE-2021-46788 | 0.00 | — | 0.01 | May 13, 2022 | Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations. | |||
| CVE-2021-46787 | 0.00 | — | 0.01 | May 13, 2022 | The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash. | |||
| CVE-2021-46786 | 0.00 | — | 0.01 | May 13, 2022 | The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access. | |||
| CVE-2021-46785 | 0.00 | — | 0.01 | May 13, 2022 | The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier. | |||
| CVE-2021-40065 | 0.00 | — | 0.01 | Apr 11, 2022 | The communication module has a service logic error vulnerability.Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2021-46740 | 0.00 | — | 0.01 | Apr 11, 2022 | The device authentication service module has a defect vulnerability introduced in the design process.Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2021-46742 | 0.00 | — | 0.01 | Apr 11, 2022 | The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability. | |||
| CVE-2022-22253 | 0.00 | — | 0.00 | Apr 11, 2022 | The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability. | |||
| CVE-2022-22254 | 0.00 | — | 0.01 | Apr 11, 2022 | A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-22255 | 0.00 | — | 0.01 | Apr 11, 2022 | The application framework has a common DoS vulnerability.Successful exploitation of this vulnerability may affect the availability. | |||
| CVE-2022-22256 | 0.00 | — | 0.01 | Apr 11, 2022 | The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2022-22257 | 0.00 | — | 0.01 | Apr 11, 2022 | The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity. | |||
| CVE-2021-40047 | 0.00 | — | 0.01 | Mar 7, 2022 | There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity. | |||
| CVE-2021-40048 | 0.00 | — | 0.01 | Mar 7, 2022 | There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability. | |||
| CVE-2021-40049 | 0.00 | — | 0.01 | Mar 7, 2022 | There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization. | |||
| CVE-2021-40050 | 0.00 | — | 0.01 | Mar 7, 2022 | There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow. | |||
| CVE-2021-40051 | 0.00 | — | 0.01 | Mar 7, 2022 | There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect confidentiality. | |||
| CVE-2021-40052 | 0.00 | — | 0.01 | Mar 7, 2022 | There is an incorrect buffer size calculation vulnerability in the video framework.Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2021-40053 | 0.00 | — | 0.01 | Mar 7, 2022 | There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and integrity. | |||
| CVE-2021-40054 | 0.00 | — | 0.01 | Mar 7, 2022 | There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity. | |||
| CVE-2021-40055 | 0.00 | — | 0.00 | Mar 7, 2022 | There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity. | |||
| CVE-2021-40056 | 0.00 | — | 0.01 | Mar 7, 2022 | There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability. |
- CVE-2022-29798Jun 13, 2022risk 0.00cvss —epss 0.01
There is a denial of service vulnerability in CV81-WDM FW versions 01.70.49.29.46. Successful exploitation could cause denial of service.
- CVE-2021-40036Jun 13, 2022risk 0.00cvss —epss 0.01
The bone voice ID TA has a memory overwrite vulnerability. Successful exploitation of this vulnerability may result in malicious code execution.
- CVE-2022-31752Jun 13, 2022risk 0.00cvss —epss 0.00
Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality.
- CVE-2022-31761Jun 13, 2022risk 0.00cvss —epss 0.01
Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality.
- CVE-2021-46813Jun 13, 2022risk 0.00cvss —epss 0.01
Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability.
- CVE-2022-31754Jun 13, 2022risk 0.00cvss —epss 0.01
Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features.
- CVE-2021-46811Jun 13, 2022risk 0.00cvss —epss 0.00
HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information.
- CVE-2022-31753Jun 13, 2022risk 0.00cvss —epss 0.01
The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability.
- CVE-2022-31757Jun 13, 2022risk 0.00cvss —epss 0.01
The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2021-46812Jun 13, 2022risk 0.00cvss —epss 0.01
The Device Manager has a vulnerability in multi-device interaction. Successful exploitation of this vulnerability may affect data integrity.
- CVE-2022-31760Jun 13, 2022risk 0.00cvss —epss 0.01
Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality.
- CVE-2022-31762Jun 13, 2022risk 0.00cvss —epss 0.00
The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation.
- CVE-2022-31759Jun 13, 2022risk 0.00cvss —epss 0.00
AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability.
- CVE-2022-31755Jun 13, 2022risk 0.00cvss —epss 0.00
The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability.
- CVE-2022-31756Jun 13, 2022risk 0.00cvss —epss 0.00
The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-31751Jun 13, 2022risk 0.00cvss —epss 0.00
The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability.
- CVE-2022-31758Jun 13, 2022risk 0.00cvss —epss 0.00
The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-31763Jun 13, 2022risk 0.00cvss —epss 0.00
The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability.
- CVE-2021-46814Jun 13, 2022risk 0.00cvss —epss 0.01
The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability.
- CVE-2022-29796May 13, 2022risk 0.00cvss —epss 0.01
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services.
- CVE-2022-29795May 13, 2022risk 0.00cvss —epss 0.01
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
- CVE-2022-29794May 13, 2022risk 0.00cvss —epss 0.01
The frame scheduling module has a Use After Free (UAF) vulnerability.Successful exploitation of this vulnerability will affect data integrity, availability, and confidentiality.
- CVE-2022-29792May 13, 2022risk 0.00cvss —epss 0.01
The chip component has a vulnerability of disclosing CPU SNs.Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-29791May 13, 2022risk 0.00cvss —epss 0.01
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services.
- CVE-2022-29790May 13, 2022risk 0.00cvss —epss 0.01
The graphics acceleration service has a vulnerability in multi-thread access to the database.Successful exploitation of this vulnerability may cause service exceptions.
- CVE-2022-29789May 13, 2022risk 0.00cvss —epss 0.01
The HiAIserver has a vulnerability in verifying the validity of the properties used in the model.Successful exploitation of this vulnerability will affect AI services.
- CVE-2022-22261May 13, 2022risk 0.00cvss —epss 0.01
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services.
- CVE-2022-22260May 13, 2022risk 0.00cvss —epss 0.01
The kernel module has a UAF vulnerability.Successful exploitation of this vulnerability will affect data integrity and availability.
- CVE-2021-46788May 13, 2022risk 0.00cvss —epss 0.01
Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations.
- CVE-2021-46787May 13, 2022risk 0.00cvss —epss 0.01
The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash.
- CVE-2021-46786May 13, 2022risk 0.00cvss —epss 0.01
The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access.
- CVE-2021-46785May 13, 2022risk 0.00cvss —epss 0.01
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
- CVE-2021-40065Apr 11, 2022risk 0.00cvss —epss 0.01
The communication module has a service logic error vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2021-46740Apr 11, 2022risk 0.00cvss —epss 0.01
The device authentication service module has a defect vulnerability introduced in the design process.Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2021-46742Apr 11, 2022risk 0.00cvss —epss 0.01
The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability.
- CVE-2022-22253Apr 11, 2022risk 0.00cvss —epss 0.00
The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability.
- CVE-2022-22254Apr 11, 2022risk 0.00cvss —epss 0.01
A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-22255Apr 11, 2022risk 0.00cvss —epss 0.01
The application framework has a common DoS vulnerability.Successful exploitation of this vulnerability may affect the availability.
- CVE-2022-22256Apr 11, 2022risk 0.00cvss —epss 0.01
The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2022-22257Apr 11, 2022risk 0.00cvss —epss 0.01
The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity.
- CVE-2021-40047Mar 7, 2022risk 0.00cvss —epss 0.01
There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity.
- CVE-2021-40048Mar 7, 2022risk 0.00cvss —epss 0.01
There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability.
- CVE-2021-40049Mar 7, 2022risk 0.00cvss —epss 0.01
There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization.
- CVE-2021-40050Mar 7, 2022risk 0.00cvss —epss 0.01
There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow.
- CVE-2021-40051Mar 7, 2022risk 0.00cvss —epss 0.01
There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect confidentiality.
- CVE-2021-40052Mar 7, 2022risk 0.00cvss —epss 0.01
There is an incorrect buffer size calculation vulnerability in the video framework.Successful exploitation of this vulnerability may affect availability.
- CVE-2021-40053Mar 7, 2022risk 0.00cvss —epss 0.01
There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and integrity.
- CVE-2021-40054Mar 7, 2022risk 0.00cvss —epss 0.01
There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity.
- CVE-2021-40055Mar 7, 2022risk 0.00cvss —epss 0.00
There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity.
- CVE-2021-40056Mar 7, 2022risk 0.00cvss —epss 0.01
There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.
Page 31 of 46