Filtered by vendor Huawei
Subscribe
Total
2317 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-40016 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality.
|
|||||
| CVE-2021-40015 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
|
There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability.
|
|||||
| CVE-2021-40013 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect integrity.
|
|||||
| CVE-2021-40012 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality.
|
|||||
| CVE-2021-40011 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is an uncontrolled resource consumption vulnerability in the display module. Successful exploitation of this vulnerability may affect integrity.
|
|||||
| CVE-2021-40010 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution.
|
|||||
| CVE-2021-40009 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
|
|||||
| CVE-2021-40008 | 1 Huawei | 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a memory leak vulnerability in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 and CloudEngine 7800 V200R019C00SPC800. The software does not sufficiently track and release allocated memory while parse a series of crafted binary messages, which could consume remaining memory. Successful exploit could cause memory exhaust.
|
|||||
| CVE-2021-40007 | 1 Huawei | 2 Ecns280 Td, Ecns280 Td Firmware | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
There is an information leak vulnerability in eCNS280_TD V100R005C10SPC650. The vulnerability is caused by improper log output management. An attacker with the ability to access the log file of device may lead to information disclosure.
|
|||||
| CVE-2021-40005 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The distributed data service component has a vulnerability in data access control. Successful exploitation of this vulnerability may affect data confidentiality.
|
|||||
| CVE-2021-40004 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The cellular module has a vulnerability in permission management. Successful exploitation of this vulnerability may affect data confidentiality.
|
|||||
| CVE-2021-40003 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
HwPCAssistant has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
|
|||||
| CVE-2021-40002 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
|
The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end.
|
|||||
| CVE-2021-40001 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
The CaasKit module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the MeeTime application to be unavailable.
|
|||||
| CVE-2021-40000 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
|
The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end.
|
|||||
| CVE-2021-39999 | 1 Huawei | 2 Ese620x Vess, Ese620x Vess Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validation of packets. Successful exploit could cause a denial of service condition.
|
|||||
| CVE-2021-39998 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.
|
|||||
| CVE-2021-39997 | 1 Huawei | 1 Emui | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
There is a vulnerability of unstrict input parameter verification in the audio assembly.Successful exploitation of this vulnerability may cause out-of-bounds access.
|
|||||
| CVE-2021-39996 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow.
|
|||||
| CVE-2021-39995 | 1 Huawei | 4 Ecns280 Td, Ecns280 Td Firmware, Ese620x Vess and 1 more | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
|
Some Huawei products use the OpenHpi software for hardware management. A function that parses data returned by OpenHpi contains an out-of-bounds read vulnerability that could lead to a denial of service. Affected product versions include: eCNS280_TD V100R005C10; eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300.
|
|||||
| CVE-2021-39994 | 1 Huawei | 1 Emui | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
There is an arbitrary address access vulnerability with the product line test code.Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.
|
|||||
| CVE-2021-39993 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
There is an Integer overflow vulnerability with ACPU in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.
|
|||||
| CVE-2021-39992 | 1 Huawei | 1 Emui | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
There is an improper security permission configuration vulnerability on ACPU.Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.
|
|||||
| CVE-2021-39991 | 1 Huawei | 1 Emui | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2021-39986 | 1 Huawei | 1 Emui | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2021-39982 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
Phone Manager application has a Improper Privilege Management vulnerability.Successful exploitation of this vulnerability may read and write arbitrary files by tampering with Phone Manager notifications.
|
|||||
| CVE-2021-39981 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
Chang Lian application has a vulnerability which can be maliciously exploited to hide the calling number.Successful exploitation of this vulnerability allows you to make an anonymous call.
|
|||||
| CVE-2021-39980 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could lead to sensitive information disclosure.
|
|||||
| CVE-2021-39979 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may affect HHEE system integrity.
|
|||||
| CVE-2021-39978 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Telephony application has a SQL Injection vulnerability.Successful exploitation of this vulnerability may cause privacy and security issues.
|
|||||
| CVE-2021-39976 | 1 Huawei | 2 Cloudengine 5800, Cloudengine 5800 Firmware | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
There is a privilege escalation vulnerability in CloudEngine 5800 V200R020C00SPC600. Due to lack of privilege restrictions, an authenticated local attacker can perform specific operation to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege.
|
|||||
| CVE-2021-39975 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Hilinksvc has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause denial of service attacks.
|
|||||
| CVE-2021-39974 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is an Out-of-bounds read in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2021-39973 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down.
|
|||||
| CVE-2021-39972 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.
|
|||||
| CVE-2021-39971 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Password vault has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.
|
|||||
| CVE-2021-39970 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission.
|
|||||
| CVE-2021-39969 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2021-39968 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Changlian Blocklist has a Business Logic Errors vulnerability .Successful exploitation of this vulnerability may expand the attack surface of the message class.
|
|||||
| CVE-2021-39966 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is an Uninitialized AOD driver structure in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||