Filtered by vendor Huawei
Subscriptions
Total
2226 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-44550 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 7.5 High |
| The graphics display module has a UAF vulnerability when traversing graphic layers. Successful exploitation of this vulnerability may affect system availability. | ||||
| CVE-2022-44549 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 7.5 High |
| The LBS module has a vulnerability in geofencing API access. Successful exploitation of this vulnerability may cause third-party apps to access the geofencing APIs without authorization, affecting user confidentiality. | ||||
| CVE-2022-44548 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 4.3 Medium |
| There is a vulnerability in permission verification during the Bluetooth pairing process. Successful exploitation of this vulnerability may cause the dialog box for confirming the pairing not to be displayed during Bluetooth pairing. | ||||
| CVE-2022-44561 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 7.5 High |
| The preset launcher module has a permission verification vulnerability. Successful exploitation of this vulnerability makes unauthorized apps add arbitrary widgets and shortcuts without interaction. | ||||
| CVE-2022-44560 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 5.3 Medium |
| The launcher module has an Intent redirection vulnerability. Successful exploitation of this vulnerability may cause launcher module data to be modified. | ||||
| CVE-2022-44559 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 9.8 Critical |
| The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. | ||||
| CVE-2022-44558 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 9.8 Critical |
| The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. | ||||
| CVE-2022-44557 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 7.5 High |
| The SmartTrimProcessEvent module has a vulnerability of obtaining the read and write permissions on arbitrary system files. Successful exploitation of this vulnerability may affect data confidentiality. | ||||
| CVE-2022-44555 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 7.5 High |
| The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable. | ||||
| CVE-2022-44554 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 7.5 High |
| The power module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause abnormal status of a module on the device. | ||||
| CVE-2022-44553 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 5.3 Medium |
| The HiView module has a vulnerability of not filtering third-party apps out when the HiView module traverses to invoke the system provider. Successful exploitation of this vulnerability may cause third-party apps to start periodically. | ||||
| CVE-2023-52370 | 1 Huawei | 2 Emui, Harmonyos | 2025-04-24 | 9.8 Critical |
| Stack overflow vulnerability in the network acceleration module.Successful exploitation of this vulnerability may cause unauthorized file access. | ||||
| CVE-2017-8132 | 1 Huawei | 1 Fusionsphere Openstack | 2025-04-20 | N/A |
| The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands. | ||||
| CVE-2017-8135 | 1 Huawei | 1 Fusionsphere Openstack | 2025-04-20 | N/A |
| The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands. | ||||
| CVE-2017-8123 | 1 Huawei | 1 Uma | 2025-04-20 | N/A |
| The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | ||||
| CVE-2017-8130 | 1 Huawei | 1 Uma | 2025-04-20 | N/A |
| The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive information, causing information leak. | ||||
| CVE-2017-8127 | 1 Huawei | 1 Uma | 2025-04-20 | N/A |
| The UMA product with software V200R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. An attacker could craft malicious links or scripts to launch XSS attacks. | ||||
| CVE-2017-8208 | 1 Huawei | 4 Honor 5c, Honor 5c Firmware, Honor 6x and 1 more | 2025-04-20 | N/A |
| The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege of the Android system, the APP can send a specific parameter to the driver of the smart phone, causing a system reboot or arbitrary code execution. | ||||
| CVE-2017-8129 | 1 Huawei | 1 Uma | 2025-04-20 | N/A |
| The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | ||||
| CVE-2016-8803 | 1 Huawei | 1 Fusionstorage | 2025-04-20 | N/A |
| The maintenance module in Huawei FusionStorage V100R003C30U1 allows attackers to create documents according to special rules to obtain the OS root privilege of FusionStorage. | ||||