Filtered by vendor Huawei
Subscriptions
Total
2368 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-44552 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 7.5 High |
| The lock screen module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability. | ||||
| CVE-2022-44551 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 9.8 Critical |
| The iaware module has a vulnerability in thread security. Successful exploitation of this vulnerability will affect confidentiality, integrity, and availability. | ||||
| CVE-2022-44550 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 7.5 High |
| The graphics display module has a UAF vulnerability when traversing graphic layers. Successful exploitation of this vulnerability may affect system availability. | ||||
| CVE-2022-44549 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 7.5 High |
| The LBS module has a vulnerability in geofencing API access. Successful exploitation of this vulnerability may cause third-party apps to access the geofencing APIs without authorization, affecting user confidentiality. | ||||
| CVE-2022-44548 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 4.3 Medium |
| There is a vulnerability in permission verification during the Bluetooth pairing process. Successful exploitation of this vulnerability may cause the dialog box for confirming the pairing not to be displayed during Bluetooth pairing. | ||||
| CVE-2022-44561 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 7.5 High |
| The preset launcher module has a permission verification vulnerability. Successful exploitation of this vulnerability makes unauthorized apps add arbitrary widgets and shortcuts without interaction. | ||||
| CVE-2022-44560 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 5.3 Medium |
| The launcher module has an Intent redirection vulnerability. Successful exploitation of this vulnerability may cause launcher module data to be modified. | ||||
| CVE-2022-44559 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 9.8 Critical |
| The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. | ||||
| CVE-2022-44558 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 9.8 Critical |
| The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. | ||||
| CVE-2022-44557 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 7.5 High |
| The SmartTrimProcessEvent module has a vulnerability of obtaining the read and write permissions on arbitrary system files. Successful exploitation of this vulnerability may affect data confidentiality. | ||||
| CVE-2022-44555 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 7.5 High |
| The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable. | ||||
| CVE-2022-44554 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 7.5 High |
| The power module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause abnormal status of a module on the device. | ||||
| CVE-2022-44553 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 5.3 Medium |
| The HiView module has a vulnerability of not filtering third-party apps out when the HiView module traverses to invoke the system provider. Successful exploitation of this vulnerability may cause third-party apps to start periodically. | ||||
| CVE-2023-52370 | 1 Huawei | 2 Emui, Harmonyos | 2025-04-24 | 9.8 Critical |
| Stack overflow vulnerability in the network acceleration module.Successful exploitation of this vulnerability may cause unauthorized file access. | ||||
| CVE-2017-2711 | 1 Huawei | 2 P9 Plus, P9 Plus Firmware | 2025-04-20 | N/A |
| P9 Plus smartphones with software earlier than VIE-AL10C00B352 versions have an input validation vulnerability in the touchscreen Driver. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system. | ||||
| CVE-2017-2712 | 1 Huawei | 2 S3300, S3300 Firmware | 2025-04-20 | N/A |
| S3300 V100R006C05 have an Ethernet in the First Mile (EFM) flapping vulnerability due to the lack of type-length-value (TLV) consistency check. An attacker may craft malformed packets and send them to a device to cause EFM flapping. | ||||
| CVE-2017-2713 | 1 Huawei | 2 P9, P9 Firmware | 2025-04-20 | N/A |
| HUAWEI P9 smartphones with software versions earlier before EVA-L09C432B383, versions earlier before EVA-L09C636B380, versions earlier before VIE-L09C432B370, versions earlier before VIE-L29C636B370 have an insufficient input validation vulnerability. An attacker could exploit this vulnerability to tamper with air interface signaling messages and obtain some communication information. | ||||
| CVE-2015-8671 | 1 Huawei | 1 Logcenter | 2025-04-20 | N/A |
| Huawei LogCenter V100R001C10 could allow an authenticated attacker to tamper with requests using a tool and submit a request to the server for privilege escalation, affecting some system functions. | ||||
| CVE-2017-2707 | 1 Huawei | 2 Mate 9, Mate 9 Firmware | 2025-04-20 | N/A |
| Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in Push module. An attacker tricks a user to save a rich media into message on the smart phone, which could be exploited to cause the attacker to delete message or fake user to send message. | ||||
| CVE-2017-2710 | 1 Huawei | 4 Beethoven-w09a, Beethoven-w09a Firmware, Crr-l09 and 1 more | 2025-04-20 | N/A |
| BTV-W09C229B002CUSTC229D005,BTV-W09C233B029, earlier than BTV-W09C100B006CUSTC100D002 versions, earlier than BTV-W09C128B003CUSTC128D002 versions, earlier than BTV-W09C199B002CUSTC199D002 versions, earlier than BTV-W09C209B005CUSTC209D001 versions, earlier than BTV-W09C331B002CUSTC331D001 versions, earlier than CRR-L09C432B390 versions, earlier than CRR-L09C605B355CUSTC605D003 versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can perform some operations to update the Google account. As a result, the FRP function is bypassed. | ||||