Filtered by vendor Huawei
Subscribe
Total
2317 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-1692 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-21 | N/A | 7.5 HIGH |
|
The window management module lacks permission verification.Successful exploitation of this vulnerability may affect confidentiality.
|
|||||
| CVE-2023-1696 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-21 | N/A | 7.5 HIGH |
|
The multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2023-1694 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-21 | N/A | 7.5 HIGH |
|
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality.
|
|||||
| CVE-2023-1693 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-21 | N/A | 7.5 HIGH |
|
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality.
|
|||||
| CVE-2023-52710 | 1 Huawei | 2 Curiem-wfg9b, Curiem-wfg9b Firmware | 2025-01-17 | N/A | 7.8 HIGH |
|
Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26), As the communication buffer size hasn’t been properly validated to be of the expected size, it can partially overlap with the beginning SMRAM.This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM.
|
|||||
| CVE-2023-52547 | 1 Huawei | 2 Curiem-wfg9b, Curiem-wfg9b Firmware | 2025-01-17 | N/A | 7.8 HIGH |
|
Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM.
|
|||||
| CVE-2023-52548 | 1 Huawei | 2 Curiem-wfg9b, Curiem-wfg9b Firmware | 2025-01-17 | N/A | 7.8 HIGH |
|
Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26) Arbitrary Memory Corruption in SMI Handler of ThisiServicesSmm SMM module. This can be leveraged by a malicious OS attacker to corrupt arbitrary SMRAM memory and, in turn, lead to code execution in SMM
|
|||||
| CVE-2023-52711 | 1 Huawei | 2 Curiem-wfg9b, Curiem-wfg9b Firmware | 2025-01-17 | N/A | 7.8 HIGH |
|
Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put in place by previous UEFI phases to prevent direct access to the SPI flash. The second issue can be used to both leak and corrupt SMM memory thus potentially leading code execution in SMM
|
|||||
| CVE-2023-52712 | 1 Huawei | 2 Curiem-wfg9b, Curiem-wfg9b Firmware | 2025-01-17 | N/A | 7.8 HIGH |
|
Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put in place by previous UEFI phases to prevent direct access to the SPI flash. The second issue can be used to both leak and corrupt SMM memory, thus potentially leading code execution in SMM
|
|||||
| CVE-2024-54101 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-17 | N/A | 6.2 MEDIUM |
|
Denial of service (DoS) vulnerability in the installation module
Impact: Successful exploitation of this vulnerability will affect availability.
|
|||||
| CVE-2023-31225 | 1 Huawei | 1 Emui | 2025-01-16 | N/A | 3.3 LOW |
|
The Gallery app has the risk of hijacking attacks. Successful exploitation of this vulnerability may cause download failures and affect product availability.
|
|||||
| CVE-2021-46886 | 1 Huawei | 1 Emui | 2025-01-16 | N/A | 7.5 HIGH |
|
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2021-46885 | 1 Huawei | 1 Emui | 2025-01-16 | N/A | 7.5 HIGH |
|
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2021-46884 | 1 Huawei | 1 Emui | 2025-01-16 | N/A | 7.5 HIGH |
|
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2021-46883 | 1 Huawei | 1 Emui | 2025-01-16 | N/A | 7.5 HIGH |
|
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2021-46882 | 1 Huawei | 1 Emui | 2025-01-16 | N/A | 7.5 HIGH |
|
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2021-46881 | 1 Huawei | 1 Emui | 2025-01-16 | N/A | 7.5 HIGH |
|
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2023-31226 | 1 Huawei | 1 Emui | 2025-01-15 | N/A | 7.5 HIGH |
|
The SDK for the MediaPlaybackController module has improper permission verification. Successful exploitation of this vulnerability may affect confidentiality.
|
|||||
| CVE-2023-0117 | 1 Huawei | 1 Emui | 2025-01-15 | N/A | 5.3 MEDIUM |
|
The online authentication provided by the hwKitAssistant lacks strict identity verification of applications. Successful exploitation of this vulnerability may affect availability of features,such as MeeTime.
|
|||||
| CVE-2021-46887 | 1 Huawei | 1 Emui | 2025-01-15 | N/A | 9.8 CRITICAL |
|
Lack of length check vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds read.
|
|||||
| CVE-2023-31227 | 1 Huawei | 1 Emui | 2025-01-15 | N/A | 7.5 HIGH |
|
The hwPartsDFR module has a vulnerability in API calling verification. Successful exploitation of this vulnerability may affect device confidentiality.
|
|||||
| CVE-2023-0116 | 1 Huawei | 1 Emui | 2025-01-15 | N/A | 7.5 HIGH |
|
The reminder module lacks an authentication mechanism for broadcasts received. Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2022-48480 | 1 Huawei | 1 Emui | 2025-01-15 | N/A | 7.5 HIGH |
|
Integer overflow vulnerability in some phones. Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2022-48479 | 1 Huawei | 1 Harmonyos | 2025-01-15 | N/A | 9.8 CRITICAL |
|
The facial recognition TA of some products has the out-of-bounds memory read vulnerability. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service.
|
|||||
| CVE-2022-48478 | 1 Huawei | 1 Harmonyos | 2025-01-15 | N/A | 9.8 CRITICAL |
|
The facial recognition TA of some products lacks memory length verification. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service.
|
|||||
| CVE-2020-9222 | 1 Huawei | 1 Fusioncompute | 2025-01-15 | N/A | 7.0 HIGH |
|
There is a privilege escalation vulnerability in Huawei FusionCompute product. Due to insufficient verification on specific files that need to be deserialized, local attackers can exploit this vulnerability to elevate permissions. (Vulnerability ID: HWPSIRT-2020-05241)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9222.
|
|||||
| CVE-2020-9236 | 1 Huawei | 1 Fusioncompute | 2025-01-14 | N/A | 8.8 HIGH |
|
There is an improper interface design vulnerability in Huawei product. A module interface of the impated product does not deal with some operations properly. Attackers can exploit this vulnerability to perform malicious operatation to compromise module service. (Vulnerability ID: HWPSIRT-2020-05010)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9236.
|
|||||
| CVE-2024-54100 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-14 | N/A | 6.2 MEDIUM |
|
Vulnerability of improper access control in the secure input module
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
|
|||||
| CVE-2022-48681 | 1 Huawei | 2 Egrt-00, Egrt-00 Firmware | 2025-01-14 | N/A | 7.2 HIGH |
|
Some Huawei smart speakers have a memory overflow vulnerability. Successful exploitation of this vulnerability may cause certain functions to fail.
|
|||||
| CVE-2024-54102 | 1 Huawei | 1 Harmonyos | 2025-01-14 | N/A | 6.1 MEDIUM |
|
Race condition vulnerability in the DDR module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2024-54119 | 1 Huawei | 1 Harmonyos | 2025-01-14 | N/A | 6.2 MEDIUM |
|
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2024-54122 | 1 Huawei | 1 Harmonyos | 2025-01-14 | N/A | 6.2 MEDIUM |
|
Concurrent variable access vulnerability in the ability module
Impact: Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2020-9082 | 1 Huawei | 2 Mate 20, Mate 20 Firmware | 2025-01-14 | N/A | 3.5 LOW |
|
There is an information disclosure vulnerability in several smartphones. The system has a logic judging error under certain scenario, the attacker should gain the permit to execute commands in ADB mode and then do a series of operation on the phone. Successful exploit could allow the attacker to gain certain information from certain apps locked by Applock. (Vulnerability ID: HWPSIRT-2019-07112)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9082.
|
|||||
| CVE-2024-56456 | 1 Huawei | 1 Harmonyos | 2025-01-13 | N/A | 6.8 MEDIUM |
|
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2024-56455 | 1 Huawei | 1 Harmonyos | 2025-01-13 | N/A | 5.5 MEDIUM |
|
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2024-56454 | 1 Huawei | 1 Harmonyos | 2025-01-13 | N/A | 5.5 MEDIUM |
|
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2024-56453 | 1 Huawei | 1 Harmonyos | 2025-01-13 | N/A | 6.8 MEDIUM |
|
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2024-56452 | 1 Huawei | 1 Harmonyos | 2025-01-13 | N/A | 5.5 MEDIUM |
|
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2024-56451 | 1 Huawei | 1 Harmonyos | 2025-01-13 | N/A | 7.3 HIGH |
|
Integer overflow vulnerability during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2024-56450 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-13 | N/A | 6.3 MEDIUM |
|
Buffer overflow vulnerability in the component driver module
Impact: Successful exploitation of this vulnerability may affect availability.
|
|||||