VYPR

Vendor CVEs

Huawei

All CVEs

2,254 total · sorted by risk
  • CVE-2021-40057Mar 7, 2022
    risk 0.00cvss epss 0.01

    There is a heap-based and stack-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.

  • CVE-2021-40058Mar 7, 2022
    risk 0.00cvss epss 0.01

    There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.

  • CVE-2021-40059Mar 7, 2022
    risk 0.00cvss epss 0.00

    There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect confidentiality.

  • CVE-2021-40060Mar 7, 2022
    risk 0.00cvss epss 0.01

    There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.

  • CVE-2021-40061Mar 7, 2022
    risk 0.00cvss epss 0.01

    There is a vulnerability of accessing resources using an incompatible type (type confusion) in the Bastet module. Successful exploitation of this vulnerability may affect integrity.

  • CVE-2021-40062Mar 7, 2022
    risk 0.00cvss epss 0.01

    There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.

  • CVE-2021-40063Mar 7, 2022
    risk 0.00cvss epss 0.01

    There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect confidentiality.

  • CVE-2021-40064Mar 7, 2022
    risk 0.00cvss epss 0.01

    There is a heap-based buffer overflow vulnerability in system components. Successful exploitation of this vulnerability may affect system stability.

  • CVE-2021-40043Feb 25, 2022
    risk 0.00cvss epss 0.00

    The laser command injection vulnerability exists on AIS-BW80H-00 versions earlier than AIS-BW80H-00 9.0.3.4(H100SP13C00). The devices cannot effectively defend against external malicious interference. Attackers need the device to be visually exploitable and successful triggering…

  • CVE-2021-37103Feb 25, 2022
    risk 0.00cvss epss 0.00

    There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality.

  • CVE-2021-22429Feb 25, 2022
    risk 0.00cvss epss 0.01

    There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.

  • CVE-2021-22432Feb 25, 2022
    risk 0.00cvss epss 0.01

    There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.

  • CVE-2021-22426Feb 25, 2022
    risk 0.00cvss epss 0.01

    There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.

  • CVE-2021-22430Feb 25, 2022
    risk 0.00cvss epss 0.01

    There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection.

  • CVE-2021-22431Feb 25, 2022
    risk 0.00cvss epss 0.01

    There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.

  • CVE-2021-22433Feb 25, 2022
    risk 0.00cvss epss 0.01

    There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.

  • CVE-2021-22434Feb 25, 2022
    risk 0.00cvss epss 0.01

    There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.

  • CVE-2021-22395Feb 25, 2022
    risk 0.00cvss epss 0.01

    There is a code injection vulnerability in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.

  • CVE-2021-22394Feb 25, 2022
    risk 0.00cvss epss 0.01

    There is a buffer overflow vulnerability in smartphones. Successful exploitation of this vulnerability may cause DoS of the apps during Multi-Screen Collaboration.

  • CVE-2021-22319Feb 25, 2022
    risk 0.00cvss epss 0.01

    There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause integer overflows.

  • CVE-2021-37027Feb 25, 2022
    risk 0.00cvss epss 0.01

    There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service integrity.

  • CVE-2021-22489Feb 25, 2022
    risk 0.00cvss epss 0.01

    There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service availability.

  • CVE-2021-22448Feb 25, 2022
    risk 0.00cvss epss 0.01

    There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause unauthorized read and write of some files.

  • CVE-2021-22480Feb 25, 2022
    risk 0.00cvss epss 0.01

    The interface of a certain HarmonyOS module has an integer overflow vulnerability. Successful exploitation of this vulnerability may lead to heap memory overflow.

  • CVE-2021-22437Feb 25, 2022
    risk 0.00cvss epss 0.00

    There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful exploitation of this vulnerability may cause random address access.

  • CVE-2021-22479Feb 25, 2022
    risk 0.00cvss epss 0.00

    The interface of a certain HarmonyOS module has an invalid address access vulnerability. Successful exploitation of this vulnerability may lead to kernel crash.

  • CVE-2021-22441Feb 25, 2022
    risk 0.00cvss epss 0.00

    Some Huawei products have an integer overflow vulnerability. Successful exploitation of this vulnerability may lead to kernel crash.

  • CVE-2021-22478Feb 25, 2022
    risk 0.00cvss epss 0.00

    The interface of a certain HarmonyOS module has a UAF vulnerability. Successful exploitation of this vulnerability may lead to information leakage.

  • CVE-2022-24925Feb 11, 2022
    risk 0.00cvss epss 0.00

    Improper input validation vulnerability in SettingsProvider prior to Android S(12) allows privileged attackers to trigger a permanent denial of service attack on a victim's devices.

  • CVE-2021-40015Feb 9, 2022
    risk 0.00cvss epss 0.00

    There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability.

  • CVE-2021-40044Feb 9, 2022
    risk 0.00cvss epss 0.00

    There is a permission verification vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may cause unauthorized operations.

  • CVE-2021-40045Feb 9, 2022
    risk 0.00cvss epss 0.00

    There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality.

  • CVE-2021-39994Feb 9, 2022
    risk 0.00cvss epss 0.01

    There is an arbitrary address access vulnerability with the product line test code.Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.

  • CVE-2021-39997Feb 9, 2022
    risk 0.00cvss epss 0.01

    There is a vulnerability of unstrict input parameter verification in the audio assembly.Successful exploitation of this vulnerability may cause out-of-bounds access.

  • CVE-2021-39992Feb 9, 2022
    risk 0.00cvss epss 0.00

    There is an improper security permission configuration vulnerability on ACPU.Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.

  • CVE-2021-37107Feb 9, 2022
    risk 0.00cvss epss 0.00

    There is an improper memory access permission configuration on ACPU.Successful exploitation of this vulnerability may cause out-of-bounds access.

  • CVE-2021-37109Feb 9, 2022
    risk 0.00cvss epss 0.00

    There is a security protection bypass vulnerability with the modem.Successful exploitation of this vulnerability may cause memory protection failure.

  • CVE-2021-37115Feb 9, 2022
    risk 0.00cvss epss 0.00

    There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality.

  • CVE-2021-39986Feb 9, 2022
    risk 0.00cvss epss 0.00

    There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality.

  • CVE-2021-39991Feb 9, 2022
    risk 0.00cvss epss 0.00

    There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality.

  • CVE-2021-40033Jan 31, 2022
    risk 0.00cvss epss 0.00

    There is an information exposure vulnerability on several Huawei Products. The vulnerability is due to that the software does not properly protect certain information. Successful exploit could cause information disclosure. Affected product versions include: CloudEngine 12800…

  • CVE-2021-40042Jan 31, 2022
    risk 0.00cvss epss 0.01

    There is a release of invalid pointer vulnerability in some Huawei products, successful exploit may cause the process and service abnormal. Affected product versions include: CloudEngine 12800 V200R019C10SPC800, V200R019C10SPC900; CloudEngine 5800 V200R019C10SPC800,…

  • CVE-2021-39998Jan 7, 2022
    risk 0.00cvss epss 0.01

    There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.

  • CVE-2021-40032Jan 7, 2022
    risk 0.00cvss epss 0.01

    The bone voice ID TA has a vulnerability in information management,Successful exploitation of this vulnerability may affect data confidentiality.

  • CVE-2021-40028Jan 7, 2022
    risk 0.00cvss epss 0.01

    The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data integrity.

  • CVE-2021-40027Jan 7, 2022
    risk 0.00cvss epss 0.01

    The bone voice ID TA has a vulnerability in calculating the buffer length,Successful exploitation of this vulnerability may affect data confidentiality.

  • CVE-2021-40025Jan 7, 2022
    risk 0.00cvss epss 0.01

    The eID module has a vulnerability that causes the memory to be used without being initialized,Successful exploitation of this vulnerability may affect data confidentiality.

  • CVE-2021-40022Jan 7, 2022
    risk 0.00cvss epss 0.01

    The weaver module has a vulnerability in parameter type verification,Successful exploitation of this vulnerability may affect data confidentiality.

  • CVE-2021-40021Jan 7, 2022
    risk 0.00cvss epss 0.01

    The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data confidentiality.

  • CVE-2021-40018Jan 7, 2022
    risk 0.00cvss epss 0.01

    The eID module has a null pointer reference vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

Page 32 of 46