Filtered by vendor Huawei
Subscribe
Total
1867 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-29796 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. | |||||
CVE-2021-22465 | 1 Huawei | 1 Harmonyos | 2022-05-03 | 2.1 LOW | 5.5 MEDIUM |
A component of the HarmonyOS has a Heap-based Buffer Overflow vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable. | |||||
CVE-2021-22385 | 1 Huawei | 2 Emui, Magic Ui | 2022-05-03 | 7.2 HIGH | 7.8 HIGH |
A component of the Huawei smartphone has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution. | |||||
CVE-2021-22454 | 1 Huawei | 1 Harmonyos | 2022-05-03 | 2.1 LOW | 5.5 MEDIUM |
A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause core dump. | |||||
CVE-2021-22413 | 1 Huawei | 2 Emui, Magic Ui | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset. | |||||
CVE-2021-22361 | 1 Huawei | 4 Ecns280, Ecns280 Firmware, Ese620x Vess and 1 more | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
There is an improper authorization vulnerability in eCNS280 V100R005C00, V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200. A file access is not authorized correctly. Attacker with low access may launch privilege escalation in a specific scenario. This may compromise the normal service. | |||||
CVE-2021-37023 | 1 Huawei | 1 Harmonyos | 2022-05-03 | 6.4 MEDIUM | 6.5 MEDIUM |
There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause media files which can be reads and writes in non-distributed directories on any device on the network.. | |||||
CVE-2021-37101 | 1 Huawei | 2 Ais-bw50-00, Ais-bw50-00 Firmware | 2022-05-03 | 7.2 HIGH | 6.8 MEDIUM |
There is an improper authorization vulnerability in AIS-BW50-00 9.0.6.2(H100SP10C00) and 9.0.6.2(H100SP15C00). Due to improper authorization mangement, an attakcer can exploit this vulnerability by physical accessing the device and implant malicious code. Successfully exploit could leads to arbitrary code execution in the target device. | |||||
CVE-2021-37106 | 1 Huawei | 1 Fusioncompute | 2022-05-03 | 9.0 HIGH | 7.2 HIGH |
There is a command injection vulnerability in CMA service module of FusionCompute 6.3.0, 6.3.1, 6.5.0 and 8.0.0 when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands to the system. | |||||
CVE-2021-36985 | 1 Huawei | 2 Emui, Magic Ui | 2022-05-03 | 7.8 HIGH | 7.5 HIGH |
There is a Code injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may exhaust system resources and cause the system to restart. | |||||
CVE-2021-22308 | 1 Huawei | 2 Emui, Magic Ui | 2022-05-03 | 2.1 LOW | 3.3 LOW |
There is a Business Logic Errors vulnerability in Huawei Smartphone. The malicious apps installed on the device can keep taking screenshots in the background. This issue does not cause system errors, but may cause personal information leakage. | |||||
CVE-2021-36993 | 1 Huawei | 2 Emui, Magic Ui | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
There is a Memory leaks vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability. | |||||
CVE-2021-22420 | 1 Huawei | 1 Harmonyos | 2022-05-03 | 7.2 HIGH | 7.8 HIGH |
A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause the underlying trust of the application trustlist mechanism is missing.. | |||||
CVE-2021-22468 | 1 Huawei | 1 Harmonyos | 2022-05-03 | 2.1 LOW | 3.3 LOW |
A component of the HarmonyOS has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability. Local attackers may exploit this vulnerability to cause kernel address leakage. | |||||
CVE-2021-40011 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-04-25 | 5.0 MEDIUM | 7.5 HIGH |
There is an uncontrolled resource consumption vulnerability in the display module. Successful exploitation of this vulnerability may affect integrity. | |||||
CVE-2020-1881 | 1 Huawei | 8 Nip6800, Nip6800 Firmware, Oceanstor 5310 and 5 more | 2022-04-22 | 5.0 MEDIUM | 7.5 HIGH |
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices. | |||||
CVE-2022-22256 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-04-19 | 5.0 MEDIUM | 7.5 HIGH |
The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality. | |||||
CVE-2022-22255 | 1 Huawei | 2 Emui, Harmonyos | 2022-04-18 | 5.0 MEDIUM | 7.5 HIGH |
The application framework has a common DoS vulnerability.Successful exploitation of this vulnerability may affect the availability. | |||||
CVE-2022-22253 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-04-18 | 5.0 MEDIUM | 7.5 HIGH |
The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability. | |||||
CVE-2022-22257 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-04-18 | 5.0 MEDIUM | 7.5 HIGH |
The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity. |