Skip to main content

Emui

543 CVEs product

Monthly

CVE-2022-38989 HIGH This Week

The secure OS module has configuration defects. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-38988 HIGH This Week

The secure OS module has configuration defects. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-38987 HIGH This Week

The secure OS module has configuration defects. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-38979 HIGH This Week

The secure OS module has configuration defects. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-38978 HIGH This Week

The secure OS module has configuration defects. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-37008 HIGH This Week

The recovery module has a vulnerability of bypassing the verification of an update package before use. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2022-37007 HIGH This Week

The chinadrm module has an out-of-bounds read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-37006 HIGH This Week

Permission control vulnerability in the network module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-37005 HIGH This Week

The Settings application has an argument injection vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-37004 HIGH This Week

The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-37003 CRITICAL Act Now

The AOD module has a vulnerability in permission assignment. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Emui Harmonyos Magic Ui
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2022-37002 CRITICAL Act Now

The SystemUI module has a privilege escalation vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Emui Harmonyos Magic Ui
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2022-34743 HIGH This Week

The AT commands of the USB port have an out-of-bounds read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-34742 HIGH This Week

The system module has a read/write vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-34741 MEDIUM This Month

The NFC module has a buffer overflow vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Emui Harmonyos Magic Ui
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-34740 MEDIUM This Month

The NFC module has a buffer overflow vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Emui Harmonyos Magic Ui
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-34739 HIGH This Week

The fingerprint module has a vulnerability of overflow in arithmetic addition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-34738 HIGH This Week

The SystemUI module has a vulnerability in permission control. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-34737 CRITICAL Act Now

The application security module has a vulnerability in permission assignment. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Emui Harmonyos Magic Ui
NVD
CVSS 3.1
9.1
EPSS
0.6%
CVE-2022-34736 HIGH This Week

The frame scheduling module has a null pointer dereference vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-34735 HIGH This Week

The frame scheduling module has a null pointer dereference vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-31761 HIGH This Week

Configuration defects in the secure OS module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-31760 CRITICAL Act Now

Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
9.1
EPSS
0.6%
CVE-2022-31757 HIGH This Week

The setting module has a vulnerability of improper use of APIs. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-31754 HIGH This Week

Logical defects in code implementation in some products. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-31753 HIGH This Week

The voice wakeup module has a vulnerability of using externally-controlled format strings. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-31752 MEDIUM This Month

Missing authorization vulnerability in the system components. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Emui Magic Ui
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-31763 MEDIUM This Month

The kernel module has the null pointer and out-of-bounds array vulnerabilities. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Emui Harmonyos
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-31762 HIGH This Week

The AMS module has a vulnerability in input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-31759 MEDIUM This Month

AppLink has a vulnerability of accessing uninitialized pointers. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-31758 MEDIUM This Month

The kernel module has the race condition vulnerability. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2022-31756 MEDIUM This Month

The fingerprint sensor module has design defects. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-31755 MEDIUM This Month

The communication module has a vulnerability of improper permission preservation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-31751 MEDIUM This Month

The kernel emcom module has multi-thread contention. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-22252 HIGH This Week

The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure Emui Harmonyos +1
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-29796 HIGH This Week

The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-29795 HIGH This Week

The frame scheduling module has a null pointer dereference vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-29794 CRITICAL Act Now

The frame scheduling module has a Use After Free (UAF) vulnerability.Successful exploitation of this vulnerability will affect data integrity, availability, and confidentiality. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Use After Free Emui Harmonyos
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-29793 HIGH This Week

There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-29792 HIGH This Week

The chip component has a vulnerability of disclosing CPU SNs.Successful exploitation of this vulnerability may affect data confidentiality. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-29791 HIGH This Week

The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-29790 HIGH This Week

The graphics acceleration service has a vulnerability in multi-thread access to the database.Successful exploitation of this vulnerability may cause service exceptions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-29789 HIGH This Week

The HiAIserver has a vulnerability in verifying the validity of the properties used in the model.Successful exploitation of this vulnerability will affect AI services. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-22261 HIGH This Week

The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-22260 CRITICAL Act Now

The kernel module has a UAF vulnerability.Successful exploitation of this vulnerability will affect data integrity and availability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.6%
CVE-2022-22258 CRITICAL Act Now

The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications to intercept event notifications and add information and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-22257 HIGH This Week

The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-22256 HIGH This Week

The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-22255 HIGH This Week

The application framework has a common DoS vulnerability.Successful exploitation of this vulnerability may affect the availability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-22254 HIGH This Week

A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-22253 HIGH This Week

The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2021-37097 HIGH This Week

There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system restart. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei RCE Code Injection Harmonyos Emui +1
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37093 MEDIUM This Month

There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers steal short messages. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos Emui Magic Ui
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2021-37092 HIGH This Week

There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37075 HIGH This Week

There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37074 HIGH This Week

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Privilege Escalation Race Condition Harmonyos Emui +1
NVD
CVSS 3.1
8.1
EPSS
0.6%
CVE-2021-37069 HIGH This Week

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Huawei Race Condition Harmonyos Emui +1
NVD
CVSS 3.1
7.4
EPSS
0.5%
CVE-2021-37054 HIGH This Week

There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Harmonyos Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37053 HIGH This Week

There is a Service logic vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37052 HIGH This Week

There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause address information leakage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37051 CRITICAL Act Now

There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure Harmonyos Emui +1
NVD
CVSS 3.1
9.1
EPSS
0.8%
CVE-2021-37050 HIGH This Week

There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2021-37049 CRITICAL Act Now

There is a Heap-based buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may rewrite the memory of adjacent objects. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Memory Corruption Harmonyos Emui +1
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2021-37045 CRITICAL Act Now

There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart unexpectedly and the kernel-mode code to be executed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Huawei Memory Corruption Information Disclosure Harmonyos +2
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2021-37044 HIGH This Week

There is a Permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-37040 CRITICAL Act Now

There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Privilege Escalation Harmonyos Emui Magic Ui
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2021-37039 MEDIUM This Month

There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Bluetooth DoS. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos Emui Magic Ui
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2021-37037 HIGH This Week

There is an Invalid address access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Harmonyos Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37043 HIGH This Week

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious application processes occupy system resources. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Authentication Bypass Emui Harmonyos +1
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-37021 CRITICAL Act Now

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Memory Corruption Emui Harmonyos +1
NVD
CVSS 3.1
9.1
EPSS
0.8%
CVE-2021-37020 CRITICAL Act Now

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Memory Corruption Emui Harmonyos +1
NVD
CVSS 3.1
9.1
EPSS
0.8%
CVE-2021-37056 MEDIUM This Month

There is an Improper permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2021-37055 MEDIUM This Month

There is a Logic bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Emui Magic Ui
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2021-37047 HIGH This Week

There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause some services to restart. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37046 HIGH This Week

There is a Memory leak vulnerability with the codec detection module in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart due to memory exhaustion. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37042 CRITICAL Act Now

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2021-37041 CRITICAL Act Now

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2021-37038 HIGH This Week

There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37035 HIGH This Week

There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37034 HIGH This Week

There is an Unstandardized field names in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37033 HIGH This Week

There is an Injection attack vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Code Injection Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37032 MEDIUM This Month

There is a Bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Digital Balance to fail to work. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Emui Magic Ui
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2021-37031 HIGH This Week

There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37030 HIGH This Week

There is an Improper permission vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Privilege Escalation Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-37029 MEDIUM This Month

There is an Identity verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2021-37002 CRITICAL Act Now

There is a Memory out-of-bounds access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause malicious code to be executed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Emui Magic Ui
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2021-37001 HIGH This Week

There is a Register tampering vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow the register value to be modified. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-36999 HIGH This Week

There is a Buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by sending malicious images and inducing users to open the images may cause remote code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei RCE Emui Magic Ui
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-36998 MEDIUM This Month

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to read an array that is out of bounds. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2021-36997 MEDIUM This Month

There is a Low memory error in Huawei Smartphone due to the unlimited size of images to be parsed.Successful exploitation of this vulnerability may cause the Gallery or Files app to exit unexpectedly. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
5.3
EPSS
0.6%
EPSS 0% CVSS 7.5
HIGH This Week

The secure OS module has configuration defects. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The secure OS module has configuration defects. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The secure OS module has configuration defects. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The secure OS module has configuration defects. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The secure OS module has configuration defects. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The recovery module has a vulnerability of bypassing the verification of an update package before use. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Emui Harmonyos +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The chinadrm module has an out-of-bounds read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Emui +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Permission control vulnerability in the network module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Emui Harmonyos
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The Settings application has an argument injection vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Emui Harmonyos +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Emui Harmonyos +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The AOD module has a vulnerability in permission assignment. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Emui +2
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The SystemUI module has a privilege escalation vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Emui +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The AT commands of the USB port have an out-of-bounds read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Emui +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The system module has a read/write vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Emui +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

The NFC module has a buffer overflow vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Emui Harmonyos +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

The NFC module has a buffer overflow vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Emui Harmonyos +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The fingerprint module has a vulnerability of overflow in arithmetic addition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Emui Harmonyos +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The SystemUI module has a vulnerability in permission control. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos +1
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

The application security module has a vulnerability in permission assignment. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Emui Harmonyos +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The frame scheduling module has a null pointer dereference vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Emui +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The frame scheduling module has a null pointer dereference vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Emui +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Configuration defects in the secure OS module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Magic Ui
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The setting module has a vulnerability of improper use of APIs. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Logical defects in code implementation in some products. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Magic Ui
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The voice wakeup module has a vulnerability of using externally-controlled format strings. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Missing authorization vulnerability in the system components. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Emui Magic Ui
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The kernel module has the null pointer and out-of-bounds array vulnerabilities. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Emui +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The AMS module has a vulnerability in input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Emui Harmonyos +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

AppLink has a vulnerability of accessing uninitialized pointers. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Emui +2
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

The kernel module has the race condition vulnerability. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Information Disclosure Emui +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The fingerprint sensor module has design defects. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The communication module has a vulnerability of improper permission preservation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The kernel emcom module has multi-thread contention. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure +3
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The frame scheduling module has a null pointer dereference vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Emui +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

The frame scheduling module has a Use After Free (UAF) vulnerability.Successful exploitation of this vulnerability will affect data integrity, availability, and confidentiality. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Use After Free +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The chip component has a vulnerability of disclosing CPU SNs.Successful exploitation of this vulnerability may affect data confidentiality. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The graphics acceleration service has a vulnerability in multi-thread access to the database.Successful exploitation of this vulnerability may cause service exceptions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The HiAIserver has a vulnerability in verifying the validity of the properties used in the model.Successful exploitation of this vulnerability will affect AI services. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

The kernel module has a UAF vulnerability.Successful exploitation of this vulnerability will affect data integrity and availability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure +2
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications to intercept event notifications and add information and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Emui Harmonyos +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The application framework has a common DoS vulnerability.Successful exploitation of this vulnerability may affect the availability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Emui Harmonyos +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system restart. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei RCE Code Injection +3
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers steal short messages. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos +2
NVD
EPSS 1% CVSS 8.1
HIGH This Week

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Privilege Escalation Race Condition +3
NVD
EPSS 1% CVSS 7.4
HIGH This Week

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Huawei Race Condition +3
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Harmonyos +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is a Service logic vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause address information leakage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos +2
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure +3
NVD
EPSS 0% CVSS 7.5
HIGH This Week

There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos +2
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

There is a Heap-based buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may rewrite the memory of adjacent objects. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Memory Corruption +3
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart unexpectedly and the kernel-mode code to be executed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Huawei Memory Corruption +4
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is a Permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos +2
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Privilege Escalation Harmonyos +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Bluetooth DoS. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is an Invalid address access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious application processes occupy system resources. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Authentication Bypass +3
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Memory Corruption +3
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Memory Corruption +3
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

There is an Improper permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

There is a Logic bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Emui +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause some services to restart. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is a Memory leak vulnerability with the codec detection module in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart due to memory exhaustion. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui +1
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure +2
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is an Unstandardized field names in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is an Injection attack vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Code Injection Emui +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

There is a Bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Digital Balance to fail to work. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Emui +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is an Improper permission vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Privilege Escalation Emui +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

There is an Identity verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

There is a Memory out-of-bounds access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause malicious code to be executed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Emui +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is a Register tampering vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow the register value to be modified. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

There is a Buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by sending malicious images and inducing users to open the images may cause remote code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei RCE +2
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to read an array that is out of bounds. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

There is a Low memory error in Huawei Smartphone due to the unlimited size of images to be parsed.Successful exploitation of this vulnerability may cause the Gallery or Files app to exit unexpectedly. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui +1
NVD
Prev Page 5 of 7 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy