Vendor CVEs
Huawei
All CVEs
2,254 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-40014 | 0.00 | — | 0.01 | Jan 7, 2022 | The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2021-40039 | 0.00 | — | 0.01 | Jan 7, 2022 | There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity. | |||
| CVE-2021-40038 | 0.00 | — | 0.01 | Jan 7, 2022 | There is a Double free vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity. | |||
| CVE-2021-40037 | 0.00 | — | 0.00 | Jan 7, 2022 | There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart. | |||
| CVE-2021-40035 | 0.00 | — | 0.01 | Jan 7, 2022 | There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability. | |||
| CVE-2021-40031 | 0.00 | — | 0.01 | Jan 7, 2022 | There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity. | |||
| CVE-2021-40026 | 0.00 | — | 0.01 | Jan 7, 2022 | There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity. | |||
| CVE-2021-40029 | 0.00 | — | 0.01 | Jan 7, 2022 | There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability. | |||
| CVE-2021-40009 | 0.00 | — | 0.01 | Jan 7, 2022 | There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity. | |||
| CVE-2021-40020 | 0.00 | — | 0.01 | Jan 7, 2022 | There is an Out-of-bounds array read vulnerability in the security storage module in smartphones. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2021-40005 | 0.00 | — | 0.01 | Jan 7, 2022 | The distributed data service component has a vulnerability in data access control. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2021-40006 | 0.00 | — | 0.00 | Jan 7, 2022 | Vulnerability of design defects in the security algorithm component. Successful exploitation of this vulnerability may affect confidentiality. | |||
| CVE-2021-40004 | 0.00 | — | 0.01 | Jan 7, 2022 | The cellular module has a vulnerability in permission management. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2021-40003 | 0.00 | — | 0.01 | Jan 7, 2022 | HwPCAssistant has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||
| CVE-2021-40002 | 0.00 | — | 0.00 | Jan 7, 2022 | The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end. | |||
| CVE-2021-40001 | 0.00 | — | 0.01 | Jan 7, 2022 | The CaasKit module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the MeeTime application to be unavailable. | |||
| CVE-2021-40000 | 0.00 | — | 0.00 | Jan 7, 2022 | The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end. | |||
| CVE-2021-40041 | 0.00 | — | 0.00 | Jan 7, 2022 | There is a Cross-Site Scripting(XSS) vulnerability in HUAWEI WS318n product when processing network settings. Due to insufficient validation of user input, a local authenticated attacker could exploit this vulnerability by injecting special characters. Successful exploit could… | |||
| CVE-2021-39974 | 0.00 | — | 0.01 | Jan 3, 2022 | There is an Out-of-bounds read in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2021-39973 | 0.00 | — | 0.01 | Jan 3, 2022 | There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down. | |||
| CVE-2021-39969 | 0.00 | — | 0.01 | Jan 3, 2022 | There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2021-39967 | 0.00 | — | 0.01 | Jan 3, 2022 | There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2021-39966 | 0.00 | — | 0.01 | Jan 3, 2022 | There is an Uninitialized AOD driver structure in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2021-37133 | 0.00 | — | 0.01 | Jan 3, 2022 | There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2021-39990 | 0.00 | — | 0.01 | Jan 3, 2022 | The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience. | |||
| CVE-2021-39988 | 0.00 | — | 0.01 | Jan 3, 2022 | The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart. | |||
| CVE-2021-39989 | 0.00 | — | 0.01 | Jan 3, 2022 | The HwNearbyMain module has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability may cause a process to restart. | |||
| CVE-2021-39987 | 0.00 | — | 0.01 | Jan 3, 2022 | The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart. | |||
| CVE-2021-39985 | 0.00 | — | 0.01 | Jan 3, 2022 | The HwNearbyMain module has a Improper Validation of Array Index vulnerability.Successful exploitation of this vulnerability may cause a process to restart. | |||
| CVE-2021-39984 | 0.00 | — | 0.01 | Jan 3, 2022 | Huawei idap module has a Out-of-bounds Read vulnerability.Successful exploitation of this vulnerability may cause Denial of Service. | |||
| CVE-2021-39977 | 0.00 | — | 0.01 | Jan 3, 2022 | The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart. | |||
| CVE-2021-39983 | 0.00 | — | 0.01 | Jan 3, 2022 | The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart. | |||
| CVE-2021-37118 | 0.00 | — | 0.01 | Jan 3, 2022 | The HwNearbyMain module has a Improper Handling of Exceptional Conditions vulnerability.Successful exploitation of this vulnerability may lead to message leak. | |||
| CVE-2021-37112 | 0.00 | — | 0.00 | Jan 3, 2022 | Hisuite module has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability may lead to Firmware leak. | |||
| CVE-2021-37119 | 0.00 | — | 0.01 | Jan 3, 2022 | There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS. | |||
| CVE-2021-37117 | 0.00 | — | 0.01 | Jan 3, 2022 | There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS. | |||
| CVE-2021-37114 | 0.00 | — | 0.01 | Jan 3, 2022 | There is an Out-of-bounds read vulnerability in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2021-37113 | 0.00 | — | 0.01 | Jan 3, 2022 | There is a Privilege escalation vulnerability with the file system component in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2021-37111 | 0.00 | — | 0.01 | Jan 3, 2022 | There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this vulnerability may cause memory exhaustion. | |||
| CVE-2021-39982 | 0.00 | — | 0.01 | Jan 3, 2022 | Phone Manager application has a Improper Privilege Management vulnerability.Successful exploitation of this vulnerability may read and write arbitrary files by tampering with Phone Manager notifications. | |||
| CVE-2021-39981 | 0.00 | — | 0.00 | Jan 3, 2022 | Chang Lian application has a vulnerability which can be maliciously exploited to hide the calling number.Successful exploitation of this vulnerability allows you to make an anonymous call. | |||
| CVE-2021-39980 | 0.00 | — | 0.01 | Jan 3, 2022 | Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could lead to sensitive information disclosure. | |||
| CVE-2021-39979 | 0.00 | — | 0.01 | Jan 3, 2022 | HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may affect HHEE system integrity. | |||
| CVE-2021-39978 | 0.00 | — | 0.01 | Jan 3, 2022 | Telephony application has a SQL Injection vulnerability.Successful exploitation of this vulnerability may cause privacy and security issues. | |||
| CVE-2021-39975 | 0.00 | — | 0.01 | Jan 3, 2022 | Hilinksvc has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause denial of service attacks. | |||
| CVE-2021-39972 | 0.00 | — | 0.01 | Jan 3, 2022 | MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could compromise confidentiality. | |||
| CVE-2021-39971 | 0.00 | — | 0.01 | Jan 3, 2022 | Password vault has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability could compromise confidentiality. | |||
| CVE-2021-39970 | 0.00 | — | 0.01 | Jan 3, 2022 | HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission. | |||
| CVE-2021-37134 | 0.00 | — | 0.00 | Jan 3, 2022 | Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for invoking the interface of location-related components. | |||
| CVE-2021-39968 | 0.00 | — | 0.01 | Jan 3, 2022 | Changlian Blocklist has a Business Logic Errors vulnerability .Successful exploitation of this vulnerability may expand the attack surface of the message class. |
- CVE-2021-40014Jan 7, 2022risk 0.00cvss —epss 0.01
The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2021-40039Jan 7, 2022risk 0.00cvss —epss 0.01
There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
- CVE-2021-40038Jan 7, 2022risk 0.00cvss —epss 0.01
There is a Double free vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
- CVE-2021-40037Jan 7, 2022risk 0.00cvss —epss 0.00
There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.
- CVE-2021-40035Jan 7, 2022risk 0.00cvss —epss 0.01
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.
- CVE-2021-40031Jan 7, 2022risk 0.00cvss —epss 0.01
There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
- CVE-2021-40026Jan 7, 2022risk 0.00cvss —epss 0.01
There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
- CVE-2021-40029Jan 7, 2022risk 0.00cvss —epss 0.01
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.
- CVE-2021-40009Jan 7, 2022risk 0.00cvss —epss 0.01
There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
- CVE-2021-40020Jan 7, 2022risk 0.00cvss —epss 0.01
There is an Out-of-bounds array read vulnerability in the security storage module in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2021-40005Jan 7, 2022risk 0.00cvss —epss 0.01
The distributed data service component has a vulnerability in data access control. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2021-40006Jan 7, 2022risk 0.00cvss —epss 0.00
Vulnerability of design defects in the security algorithm component. Successful exploitation of this vulnerability may affect confidentiality.
- CVE-2021-40004Jan 7, 2022risk 0.00cvss —epss 0.01
The cellular module has a vulnerability in permission management. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2021-40003Jan 7, 2022risk 0.00cvss —epss 0.01
HwPCAssistant has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2021-40002Jan 7, 2022risk 0.00cvss —epss 0.00
The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end.
- CVE-2021-40001Jan 7, 2022risk 0.00cvss —epss 0.01
The CaasKit module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the MeeTime application to be unavailable.
- CVE-2021-40000Jan 7, 2022risk 0.00cvss —epss 0.00
The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end.
- CVE-2021-40041Jan 7, 2022risk 0.00cvss —epss 0.00
There is a Cross-Site Scripting(XSS) vulnerability in HUAWEI WS318n product when processing network settings. Due to insufficient validation of user input, a local authenticated attacker could exploit this vulnerability by injecting special characters. Successful exploit could…
- CVE-2021-39974Jan 3, 2022risk 0.00cvss —epss 0.01
There is an Out-of-bounds read in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2021-39973Jan 3, 2022risk 0.00cvss —epss 0.01
There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down.
- CVE-2021-39969Jan 3, 2022risk 0.00cvss —epss 0.01
There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2021-39967Jan 3, 2022risk 0.00cvss —epss 0.01
There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2021-39966Jan 3, 2022risk 0.00cvss —epss 0.01
There is an Uninitialized AOD driver structure in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2021-37133Jan 3, 2022risk 0.00cvss —epss 0.01
There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2021-39990Jan 3, 2022risk 0.00cvss —epss 0.01
The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience.
- CVE-2021-39988Jan 3, 2022risk 0.00cvss —epss 0.01
The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
- CVE-2021-39989Jan 3, 2022risk 0.00cvss —epss 0.01
The HwNearbyMain module has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
- CVE-2021-39987Jan 3, 2022risk 0.00cvss —epss 0.01
The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
- CVE-2021-39985Jan 3, 2022risk 0.00cvss —epss 0.01
The HwNearbyMain module has a Improper Validation of Array Index vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
- CVE-2021-39984Jan 3, 2022risk 0.00cvss —epss 0.01
Huawei idap module has a Out-of-bounds Read vulnerability.Successful exploitation of this vulnerability may cause Denial of Service.
- CVE-2021-39977Jan 3, 2022risk 0.00cvss —epss 0.01
The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
- CVE-2021-39983Jan 3, 2022risk 0.00cvss —epss 0.01
The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
- CVE-2021-37118Jan 3, 2022risk 0.00cvss —epss 0.01
The HwNearbyMain module has a Improper Handling of Exceptional Conditions vulnerability.Successful exploitation of this vulnerability may lead to message leak.
- CVE-2021-37112Jan 3, 2022risk 0.00cvss —epss 0.00
Hisuite module has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability may lead to Firmware leak.
- CVE-2021-37119Jan 3, 2022risk 0.00cvss —epss 0.01
There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.
- CVE-2021-37117Jan 3, 2022risk 0.00cvss —epss 0.01
There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.
- CVE-2021-37114Jan 3, 2022risk 0.00cvss —epss 0.01
There is an Out-of-bounds read vulnerability in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2021-37113Jan 3, 2022risk 0.00cvss —epss 0.01
There is a Privilege escalation vulnerability with the file system component in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2021-37111Jan 3, 2022risk 0.00cvss —epss 0.01
There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this vulnerability may cause memory exhaustion.
- CVE-2021-39982Jan 3, 2022risk 0.00cvss —epss 0.01
Phone Manager application has a Improper Privilege Management vulnerability.Successful exploitation of this vulnerability may read and write arbitrary files by tampering with Phone Manager notifications.
- CVE-2021-39981Jan 3, 2022risk 0.00cvss —epss 0.00
Chang Lian application has a vulnerability which can be maliciously exploited to hide the calling number.Successful exploitation of this vulnerability allows you to make an anonymous call.
- CVE-2021-39980Jan 3, 2022risk 0.00cvss —epss 0.01
Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could lead to sensitive information disclosure.
- CVE-2021-39979Jan 3, 2022risk 0.00cvss —epss 0.01
HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may affect HHEE system integrity.
- CVE-2021-39978Jan 3, 2022risk 0.00cvss —epss 0.01
Telephony application has a SQL Injection vulnerability.Successful exploitation of this vulnerability may cause privacy and security issues.
- CVE-2021-39975Jan 3, 2022risk 0.00cvss —epss 0.01
Hilinksvc has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause denial of service attacks.
- CVE-2021-39972Jan 3, 2022risk 0.00cvss —epss 0.01
MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.
- CVE-2021-39971Jan 3, 2022risk 0.00cvss —epss 0.01
Password vault has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.
- CVE-2021-39970Jan 3, 2022risk 0.00cvss —epss 0.01
HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission.
- CVE-2021-37134Jan 3, 2022risk 0.00cvss —epss 0.00
Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for invoking the interface of location-related components.
- CVE-2021-39968Jan 3, 2022risk 0.00cvss —epss 0.01
Changlian Blocklist has a Business Logic Errors vulnerability .Successful exploitation of this vulnerability may expand the attack surface of the message class.
Page 33 of 46