📦 Harmonyos

This CVE describes an authentication bypass vulnerability in Huawei device authentication modules that allows attackers to bypass authentication mechanisms and gain unauthorized access. It affects mul...

A permission control vulnerability in the memory management module allows unauthorized access to sensitive memory regions. This affects confidentiality by potentially exposing protected data. Huawei l...

This vulnerability involves uncaught exceptions in the Graphics module that could allow attackers to access sensitive information. It affects systems running Huawei software with the vulnerable Graphi...

This CVE describes an access control vulnerability in Huawei's security verification module that could allow unauthorized access to sensitive information. The vulnerability affects Huawei consumer dev...

This vulnerability allows attackers to bypass package name verification in the HwIms module, potentially disrupting services. It affects Huawei devices running HarmonyOS with the vulnerable HwIms modu...

This CVE describes an improper permission control vulnerability in the window management module of Huawei/HarmonyOS devices. Successful exploitation allows attackers to affect system availability, pot...

This CVE describes a script injection vulnerability in Huawei's email module that allows attackers to execute arbitrary code. Successful exploitation could compromise confidentiality, integrity, and a...

This vulnerability involves incorrect service logic in Huawei's WindowManagerServices module, allowing attackers to cause abnormal feature behavior. It affects Huawei devices running HarmonyOS. With a...

A stack overflow vulnerability in the NFC module allows attackers to execute arbitrary code or cause denial of service. This affects Huawei devices running HarmonyOS with vulnerable NFC implementation...

This CVE describes a component exposure vulnerability in Huawei Wi-Fi modules that could allow attackers to compromise service availability and integrity. The vulnerability affects Huawei devices runn...

This CVE-2023-52103 is a critical buffer overflow vulnerability in Huawei's FLP module that allows out-of-bounds read attacks. Successful exploitation could lead to arbitrary code execution or system ...

This CVE-2023-46773 is a permission management vulnerability in Huawei's PMS (Package Management Service) module that allows local attackers to escalate privileges on affected devices. The vulnerabili...

This vulnerability allows attackers to bypass identity verification in the face unlock module on affected Huawei devices. Successful exploitation could compromise device integrity and confidentiality ...

This vulnerability in Huawei's APPWidget module allows apps to run without proper authorization due to insufficient permission verification. It affects Huawei devices running HarmonyOS, potentially en...

This CVE describes a critical privilege escalation vulnerability in Huawei/HarmonyOS window management modules where permissions are not strictly verified. Attackers can exploit this to gain elevated ...

This CVE-2023-44106 is an API permission management vulnerability in Huawei's Fwk-Display module that allows unauthorized access to display framework functions. Successful exploitation could lead to a...

The DP module in HarmonyOS has a service hijacking vulnerability that allows attackers to intercept or manipulate Super Device services. This affects HarmonyOS devices using the vulnerable DP module, ...

This CVE-2023-41296 is a missing authorization vulnerability in a Huawei kernel module that allows unauthorized access to kernel functions. Successful exploitation could compromise system integrity an...

CVE-2023-39407 is a path traversal vulnerability in Watchkit that allows unauthorized file access. Attackers can read or modify files outside intended directories, affecting confidentiality and integr...

This CVE describes a parameter verification vulnerability in Huawei's installd module that allows unauthorized reading and writing of sandbox files. Attackers could potentially access or modify sensit...

A permission bypass vulnerability in Huawei's system service framework allows attackers to circumvent intended access controls. This affects availability of Huawei consumer devices and wearables. User...

This CVE describes an improper verification vulnerability in Huawei email applications that could allow attackers to access sensitive information. The vulnerability affects confidentiality by potentia...

This CVE describes a use-after-free concurrency vulnerability in the graphics module that could allow an attacker to cause system instability or crashes. It primarily affects Huawei consumer devices w...

A double free vulnerability in Huawei's multi-mode input module could allow attackers to execute arbitrary code or cause denial of service. This affects Huawei consumer devices with vulnerable input m...

A race condition vulnerability in the card framework module allows attackers to disrupt system availability through multi-threaded exploitation. This affects Huawei consumer devices including laptops ...

A race condition vulnerability in the video framework module allows attackers to cause denial of service by exploiting multi-threading timing issues. This affects Huawei devices with vulnerable video ...

A race condition vulnerability in the card framework module allows attackers to disrupt system availability through multi-threaded exploitation. This affects Huawei consumer devices including laptops,...

A race condition vulnerability in Huawei's card framework module allows attackers to disrupt system availability through multi-threaded exploitation. This affects Huawei consumer devices including lap...

A race condition vulnerability in the card framework module allows attackers to cause denial of service by exploiting multi-threading issues. This affects Huawei consumer devices including laptops and...

A race condition vulnerability in the network module could allow attackers to access sensitive information during concurrent operations. This affects Huawei products with the vulnerable network module...

A race condition vulnerability in Huawei network management modules allows attackers to cause denial-of-service conditions by exploiting multi-threading timing issues. This affects Huawei network equi...

This CVE describes an input verification vulnerability in Huawei's compression/decompression module that could allow attackers to manipulate or corrupt application data. The vulnerability affects Huaw...

A permission control vulnerability in Huawei's Settings module allows unauthorized access to sensitive system settings. This affects Huawei devices running vulnerable firmware versions, potentially ex...

This vulnerability involves improper security checks in a call module, allowing attackers to bypass intended restrictions. Successful exploitation could cause abnormal feature behavior, potentially le...

This CVE describes a denial-of-service vulnerability in Huawei's video-related system service module. Attackers can exploit this vulnerability to crash or degrade the service, affecting availability. ...

This CVE describes a use-after-free vulnerability in the screen recording framework module that could allow attackers to crash affected systems, potentially causing denial of service. The vulnerabilit...

A permission control vulnerability in Huawei's distributed component allows unauthorized access to sensitive information. This affects Huawei products using the vulnerable distributed component, poten...

A stack-based buffer overflow vulnerability (CWE-121) in Huawei's package management module allows attackers to cause denial of service by sending specially crafted data. This affects Huawei devices r...

A Use After Free vulnerability in Huawei office service allows attackers to access sensitive information after memory has been freed. This affects Huawei devices running vulnerable versions of the off...

This vulnerability involves improper handling of abnormal conditions during huge page separation in memory management. Successful exploitation could cause system crashes or denial of service, affectin...

This CVE describes an out-of-bounds write vulnerability in the Skia graphics library. Successful exploitation could allow attackers to write beyond allocated memory boundaries, potentially leading to ...

This CVE describes an authentication bypass vulnerability in Huawei's devicemanager module that allows attackers to access restricted functionality without proper credentials. It primarily affects Hua...

The Gallery module in affected Huawei products contains an EXTRA_REFERRER resource read vulnerability that allows unauthorized access to sensitive information. This affects service confidentiality by ...

This CVE describes an authentication management vulnerability in Huawei's ArkWeb module that could allow attackers to bypass authentication mechanisms. Successful exploitation may compromise service c...

A race condition vulnerability in the virtualization base module could allow attackers to compromise the confidentiality and integrity of the virtualization graphics module. This affects systems using...

A path traversal vulnerability (CWE-22) in Huawei's virtualization base module allows attackers to access files outside the intended directory. This affects systems running vulnerable Huawei virtualiz...

This vulnerability allows unauthorized devices to bypass authentication and access distributed camera functions without user consent. It affects Huawei distributed camera systems where improper authen...

This CVE describes an authentication bypass vulnerability in Huawei device management channels that could allow unauthorized access to management functions. Successful exploitation could compromise se...

This vulnerability involves improper permission assignment in a note sharing module, allowing unauthorized access or manipulation of shared notes. Successful exploitation could disrupt availability of...

A permission bypass vulnerability in the media library module allows unauthorized access to restricted media resources. This affects systems running the vulnerable software where the media library is ...

This vulnerability in the arkweb v8 module allows WebAssembly (Wasm) exceptions to be improperly captured, potentially leading to application instability or crashes. It affects systems using Huawei's ...

This CVE describes an improper authentication logic implementation in a file system module that could allow unauthorized access to sensitive data. Successful exploitation could compromise service conf...

A deserialization mismatch vulnerability in the DSoftBus module allows attackers to manipulate serialized data to potentially execute arbitrary code or disrupt services. This affects systems running H...

This CVE describes an access control vulnerability in Huawei's security verification module that allows attackers to bypass authentication mechanisms. Successful exploitation could compromise system i...

This CVE describes a memory write permission bypass vulnerability in the Linux kernel's futex (fast userspace mutex) module. Attackers could potentially exploit this to write to kernel memory they sho...

This CVE describes an access control vulnerability in Huawei's security verification module that allows attackers to bypass authentication mechanisms. Successful exploitation compromises system integr...

This CVE describes an authentication bypass vulnerability in Huawei's security verification module that allows attackers to circumvent access controls. Successful exploitation could lead to unauthoriz...

This vulnerability in the ArkUI framework's SVG parsing module allows attackers to cause denial of service by exploiting exception capture failures. It affects applications using ArkUI for SVG renderi...

A buffer overflow vulnerability in the codec module could allow attackers to crash affected systems, potentially causing denial of service. This affects Huawei devices and software using the vulnerabl...

This CVE describes a permission verification bypass vulnerability in Huawei's notification module that allows attackers to bypass intended access controls. Successful exploitation could disrupt system...

This vulnerability involves uninitialized pointer access in a scanning module, which could cause crashes or denial of service. It affects Huawei consumer devices with vulnerable scanning software. The...

A race condition vulnerability in Huawei device security management modules could allow attackers to disrupt system availability through timing-based attacks. This affects Huawei consumer devices incl...

A race condition vulnerability in the printing module could allow attackers to disrupt printing services, potentially causing denial of service. This affects Huawei devices with vulnerable printing co...

A race condition vulnerability in Huawei's security control module could allow attackers to disrupt system availability through timing-based attacks. This affects Huawei consumer devices running vulne...

A double free vulnerability in the window module could allow attackers to crash affected systems, potentially causing denial of service. This affects Huawei consumer devices including laptops and othe...

A data processing vulnerability in the certificate management module could allow attackers to access sensitive information. This affects Huawei consumer devices with vulnerable certificate management ...

A permission control vulnerability in the cellular_data module could allow unauthorized access to cellular data functionality. This affects Huawei consumer devices including smartphones, laptops, wear...

A permission control vulnerability in the AMS module could allow attackers to disrupt system availability. This affects Huawei devices running vulnerable versions of the AMS module. Users of affected ...

This vulnerability involves improper permission control in the print module, allowing unauthorized access to sensitive information. It affects systems using the vulnerable print module and could compr...

This CVE describes an out-of-bounds access vulnerability in a frequency modulation module that could allow attackers to cause denial of service conditions. The vulnerability affects availability of sy...

This CVE describes an out-of-bounds write vulnerability in a file system module that could allow attackers to write data beyond allocated memory boundaries. Successful exploitation could affect servic...

An out-of-bounds read vulnerability in the graphics module could allow attackers to read memory beyond allocated buffers, potentially causing application crashes or system instability. This affects Hu...

This vulnerability involves an improper security check in the card module, potentially allowing unauthorized access to sensitive information. It affects Huawei devices with the vulnerable card module ...

This CVE describes a permission verification bypass vulnerability in the media library module that allows unauthorized access to protected media content. It affects Huawei consumer devices with vulner...

A data verification vulnerability in the HiView module could allow attackers to disrupt system availability by sending malformed data. This affects Huawei devices with the vulnerable HiView component....

A permission control vulnerability in Huawei's Notepad module could allow unauthorized access to sensitive information. This affects users of Huawei consumer devices with the vulnerable Notepad softwa...

A permission control vulnerability in Huawei's Notepad module could allow unauthorized access to sensitive information. This affects Huawei consumer devices with the vulnerable Notepad software instal...

This vulnerability involves improper permission control in the print module, allowing unauthorized access to sensitive information. It affects Huawei devices with the vulnerable print module installed...

A race condition vulnerability in the thermal management module allows concurrent threads to interfere with temperature control operations. This could lead to system instability or crashes, affecting ...

This CVE describes a permission verification bypass vulnerability in the media library module that allows unauthorized access to protected media content. Attackers can exploit this flaw to view sensit...

A race condition vulnerability in the camera framework module allows attackers to cause denial of service by exploiting multi-threading timing issues. This affects Huawei devices with vulnerable camer...

A race condition vulnerability in the camera framework module allows attackers to cause denial of service by exploiting multi-threading timing issues. This affects Huawei devices with vulnerable camer...

This CVE describes a man-in-the-middle (MITM) vulnerability in the Clone module that could allow attackers to intercept and potentially modify communications. The vulnerability affects service confide...

A permission control vulnerability in Huawei's package management module could allow unauthorized access to sensitive information. This affects Huawei devices and systems using vulnerable package mana...

A permission control vulnerability in Huawei's window management module could allow attackers to affect system availability. This vulnerability impacts Huawei consumer devices running affected softwar...

This CVE describes an app lock verification bypass vulnerability in a file management application. Attackers could potentially access protected files without proper authentication, compromising data c...

A permission control vulnerability in Huawei's media library module could allow unauthorized access to sensitive media files. This affects Huawei devices or systems using the vulnerable media library ...

A race condition vulnerability in the audio module could allow attackers to cause denial of service by exploiting timing issues in audio processing. This affects Huawei devices with vulnerable audio c...

A race condition vulnerability in Huawei's camera framework module allows attackers to disrupt camera functionality through multi-threaded timing attacks. This affects availability of camera services ...

A race condition vulnerability in the camera framework module allows attackers to cause denial of service by exploiting multi-threading timing issues. This affects Huawei devices with vulnerable camer...

This CVE describes a denial of service vulnerability in Huawei office services where specially crafted requests could cause service disruption. The vulnerability affects Huawei products with office se...

This CVE describes a denial-of-service vulnerability in Huawei's office service. Successful exploitation could cause the service to become unresponsive or crash, affecting availability. Organizations ...

This CVE describes a denial of service vulnerability in Huawei office services where attackers can disrupt service availability. The vulnerability affects Huawei office products and services, potentia...

This CVE describes a denial-of-service vulnerability in Huawei office services where attackers can disrupt service availability. The vulnerability affects Huawei products running vulnerable versions o...