Filtered by vendor Huawei
Subscriptions
Total
1893 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-22331 | 1 Huawei | 2 P30, P30 Firmware | 2024-08-03 | 7.5 High |
There is a JavaScript injection vulnerability in certain Huawei smartphones. A module does not verify some inputs sufficiently. Attackers can exploit this vulnerability by sending a malicious application request to launch JavaScript injection. This may compromise normal service. Affected product versions include HUAWEI P30 versions earlier than 10.1.0.165(C01E165R2P11), 11.0.0.118(C635E2R1P3), 11.0.0.120(C00E120R2P5), 11.0.0.138(C10E4R5P3), 11.0.0.138(C185E4R7P3), 11.0.0.138(C432E8R2P3), 11.0.0.138(C461E4R3P3), 11.0.0.138(C605E4R1P3), and 11.0.0.138(C636E4R3P3). | ||||
CVE-2021-22335 | 1 Huawei | 2 Emui, Magic Ui | 2024-08-03 | 7.8 High |
There is a Memory Buffer Improper Operation Limit vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause exceptions in image processing. | ||||
CVE-2021-22301 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2024-08-03 | 6.7 Medium |
Mate 30 10.0.0.203(C00E201R7P2) have a buffer overflow vulnerability. After obtaining the root permission, an attacker can exploit the vulnerability to cause buffer overflow. | ||||
CVE-2021-22306 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2024-08-03 | 4.6 Medium |
There is an out-of-bound read vulnerability in Mate 30 10.0.0.182(C00E180R6P2). A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause out-of-bound, compromising normal service. | ||||
CVE-2021-22294 | 1 Huawei | 1 Harmonyos | 2024-08-03 | 3.3 Low |
A component API of the HarmonyOS 2.0 has a permission bypass vulnerability. Local attackers may exploit this vulnerability to issue commands repeatedly, exhausting system service resources. | ||||
CVE-2021-22304 | 1 Huawei | 2 Taurus-al00a, Taurus-al00a Firmware | 2024-08-03 | 3.3 Low |
There is a use after free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module may refer to some memory after it has been freed while dealing with some messages. Attackers can exploit this vulnerability by sending specific message to the affected module. This may lead to module crash, compromising normal service. | ||||
CVE-2021-22302 | 1 Huawei | 2 Taurus-al00a, Taurus-al00a Firmware | 2024-08-03 | 7.1 High |
There is an out-of-bound read vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module does not verify the some input. Attackers can exploit this vulnerability by sending malicious input through specific app. This could cause out-of-bound, compromising normal service. | ||||
CVE-2021-22295 | 1 Huawei | 1 Harmonyos | 2024-08-03 | 5.5 Medium |
A component of the HarmonyOS has a permission bypass vulnerability. Local attackers may exploit this vulnerability to cause the device to hang due to the page error OsVmPageFaultHandler. | ||||
CVE-2022-48681 | 1 Huawei | 1 Egrt-00 | 2024-08-03 | 7.2 High |
Some Huawei smart speakers have a memory overflow vulnerability. Successful exploitation of this vulnerability may cause certain functions to fail. | ||||
CVE-2022-48496 | 1 Huawei | 1 Emui | 2024-08-03 | 7.5 High |
Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized. | ||||
CVE-2022-48605 | 1 Huawei | 2 Emui, Harmonyos | 2024-08-03 | 9.8 Critical |
Input verification vulnerability in the fingerprint module. Successful exploitation of this vulnerability will affect confidentiality, integrity, and availability. | ||||
CVE-2022-48615 | 1 Huawei | 2 Ar617vw, Ar617vw Firmware | 2024-08-03 | 4.8 Medium |
An improper access control vulnerability exists in a Huawei datacom product. Attackers can exploit this vulnerability to obtain partial device information. | ||||
CVE-2022-48606 | 1 Huawei | 2 Emui, Harmonyos | 2024-08-03 | 7.5 High |
Stability-related vulnerability in the binder background management and control module. Successful exploitation of this vulnerability may affect availability. | ||||
CVE-2022-48616 | 1 Huawei | 2 Ar617vw, Ar617vw Firmware | 2024-08-03 | 6.4 Medium |
A Huawei data communication product has a command injection vulnerability. Successful exploitation of this vulnerability may allow attackers to gain higher privileges. | ||||
CVE-2022-48478 | 1 Huawei | 1 Harmonyos | 2024-08-03 | 9.8 Critical |
The facial recognition TA of some products lacks memory length verification. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service. | ||||
CVE-2022-48492 | 1 Huawei | 1 Emui | 2024-08-03 | 7.5 High |
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability. | ||||
CVE-2022-48472 | 1 Huawei | 3 Bisheng-wnm, Bisheng-wnm Firmware, Ota-bisheng Firmware | 2024-08-03 | 9.8 Critical |
A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution. Affected product versions include:BiSheng-WNM versions OTA-BiSheng-FW-2.0.0.211-beta,BiSheng-WNM FW 3.0.0.325,BiSheng-WNM FW 2.0.0.211. | ||||
CVE-2022-48514 | 1 Huawei | 1 Harmonyos | 2024-08-03 | 7.5 High |
The Sepolicy module has inappropriate permission control on the use of Netlink.Successful exploitation of this vulnerability may affect confidentiality. | ||||
CVE-2022-48519 | 1 Huawei | 2 Emui, Harmonyos | 2024-08-03 | 7.5 High |
Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect confidentiality. | ||||
CVE-2022-48520 | 1 Huawei | 2 Emui, Harmonyos | 2024-08-03 | 7.5 High |
Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect confidentiality. |