| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features. |
| The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability. |
| Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality. |
| The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability. |
| There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability. |
| The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications to intercept event notifications and add information and result in elevation-of-privilege. |
| The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity. |
| The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality. |
| A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality. |
| The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability. |
| The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability. |
| The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability. |
| Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability. |
| HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information. |
| Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability. |
| Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations. |
| The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash. |
| The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access. |
| The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability. |
| The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity. |
