Total
276 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31754 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features.
|
|||||
| CVE-2022-31753 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability.
|
|||||
| CVE-2022-31752 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality.
|
|||||
| CVE-2022-31751 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability.
|
|||||
| CVE-2022-29793 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability.
|
|||||
| CVE-2022-22258 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications to intercept event notifications and add information and result in elevation-of-privilege.
|
|||||
| CVE-2022-22257 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity.
|
|||||
| CVE-2022-22256 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
|
|||||
| CVE-2022-22254 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality.
|
|||||
| CVE-2022-22253 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability.
|
|||||
| CVE-2022-22252 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability.
|
|||||
| CVE-2021-46814 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability.
|
|||||
| CVE-2021-46813 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2021-46811 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information.
|
|||||
| CVE-2021-46789 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability.
|
|||||
| CVE-2021-46788 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations.
|
|||||
| CVE-2021-46787 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash.
|
|||||
| CVE-2021-46786 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access.
|
|||||
| CVE-2021-46742 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability.
|
|||||
| CVE-2021-46741 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity.
|
|||||
| CVE-2021-40065 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The communication module has a service logic error vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
|
|||||
| CVE-2021-40064 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
There is a heap-based buffer overflow vulnerability in system components. Successful exploitation of this vulnerability may affect system stability.
|
|||||
| CVE-2021-40063 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect confidentiality.
|
|||||
| CVE-2021-40062 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2021-40061 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a vulnerability of accessing resources using an incompatible type (type confusion) in the Bastet module. Successful exploitation of this vulnerability may affect integrity.
|
|||||
| CVE-2021-40060 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2021-40059 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect confidentiality.
|
|||||
| CVE-2021-40058 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2021-40057 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
There is a heap-based and stack-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2021-40056 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2021-40055 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.1 HIGH | 5.9 MEDIUM |
|
There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity.
|
|||||
| CVE-2021-40054 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity.
|
|||||
| CVE-2021-40053 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and integrity.
|
|||||
| CVE-2021-40052 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
There is an incorrect buffer size calculation vulnerability in the video framework.Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2021-40051 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect confidentiality.
|
|||||
| CVE-2021-40050 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow.
|
|||||
| CVE-2021-40049 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization.
|
|||||
| CVE-2021-40048 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability.
|
|||||
| CVE-2021-40047 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity.
|
|||||
| CVE-2021-40045 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||