| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data confidentiality. |
| There is an Out-of-bounds array read vulnerability in the security storage module in smartphones. Successful exploitation of this vulnerability may affect service confidentiality. |
| Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access. |
| The eID module has a null pointer reference vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. |
| The HW_KEYMASTER module lacks the validity check of the key format. Successful exploitation of this vulnerability may result in out-of-bounds memory access. |
| Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality. |
| There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability. |
| Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect integrity. |
| Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality. |
| There is an uncontrolled resource consumption vulnerability in the display module. Successful exploitation of this vulnerability may affect integrity. |
| The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution. |
| There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity. |
| There is a memory leak vulnerability in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 and CloudEngine 7800 V200R019C00SPC800. The software does not sufficiently track and release allocated memory while parse a series of crafted binary messages, which could consume remaining memory. Successful exploit could cause memory exhaust. |
| There is an information leak vulnerability in eCNS280_TD V100R005C10SPC650. The vulnerability is caused by improper log output management. An attacker with the ability to access the log file of device may lead to information disclosure. |
| The distributed data service component has a vulnerability in data access control. Successful exploitation of this vulnerability may affect data confidentiality. |
| The cellular module has a vulnerability in permission management. Successful exploitation of this vulnerability may affect data confidentiality. |
| HwPCAssistant has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. |
| The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end. |
| The CaasKit module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the MeeTime application to be unavailable. |
| The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end. |
