Huawei Security Vulnerabilities (CVEs)

A race condition vulnerability in the memory management module's physical page import process could allow attackers to compromise service integrity. T...

This vulnerability in the DFA module allows attackers to cause denial of service by exploiting insufficient data length verification. It affects Huawe...

This CVE describes an integer overflow vulnerability in Huawei's partition module where insufficient data length verification allows attackers to caus...

This CVE describes a buffer overflow vulnerability in Huawei's HVB module due to insufficient data length verification. Attackers could exploit this t...

This CVE describes an out-of-bounds read vulnerability in the DMA module's register configuration. Successful exploitation could allow attackers to re...

This vulnerability involves improper handling of abnormal conditions during huge page separation in memory management. Successful exploitation could c...

This vulnerability in Huawei's multimodalinput module allows attackers to trigger unexpected injection events, potentially causing denial of service c...

A race condition vulnerability in the kernel file system module could allow attackers to cause system instability or crashes. This affects systems run...

This CVE describes a use-after-free vulnerability in the cjwindow module where a pointer is not properly cleared after memory is freed. Successful exp...

This CVE describes an out-of-bounds write vulnerability in the Skia graphics library. Successful exploitation could allow attackers to write beyond al...

This CVE describes an out-of-bounds array access vulnerability in Huawei's ArkUI framework. Successful exploitation could cause application crashes or...

A stack-based buffer overflow vulnerability in the dms_fwk module allows attackers to execute arbitrary code with system privileges. This affects Huaw...

A permission control vulnerability in Huawei's distributed clipboard module could allow unauthorized access to clipboard data. This affects Huawei dev...

This CVE describes an iterator failure vulnerability in Huawei's multi-mode input module that can cause availability issues when exploited. Attackers ...

This CVE describes a deserialization vulnerability in the ability module where untrusted data can be processed, potentially leading to denial of servi...

This CVE describes an iterator failure issue in the WantAgent module that can cause memory release failures when exploited. The vulnerability affects ...

This CVE describes an authentication bypass vulnerability in Huawei's devicemanager module that allows attackers to access restricted functionality wi...

This CVE describes an out-of-bounds access vulnerability in an audio codec module that could allow attackers to cause denial of service conditions. Th...

The Gallery module in affected Huawei products contains an EXTRA_REFERRER resource read vulnerability that allows unauthorized access to sensitive inf...

This CVE describes an iterator failure vulnerability in Huawei's card management module that could cause system instability or crashes when exploited....

This CVE describes an input validation vulnerability in Huawei's home screen module that could allow attackers to disrupt device functionality. Succes...

This vulnerability in the media library module allows unauthorized access to protected information, potentially exposing sensitive data. It affects Hu...

This CVE describes an authentication management vulnerability in Huawei's ArkWeb module that could allow attackers to bypass authentication mechanisms...

This CVE describes an out-of-bounds access vulnerability in an audio codec module that could allow attackers to cause denial of service conditions. Th...

A race condition vulnerability in the virtualization base module could allow attackers to compromise the confidentiality and integrity of the virtuali...

A path traversal vulnerability (CWE-22) in Huawei's virtualization base module allows attackers to access files outside the intended directory. This a...

This vulnerability allows third-party calling applications to send unverified broadcasts to the audio framework module on affected Huawei devices. Thi...

A permission bypass vulnerability in the calendar storage module allows unauthorized access to calendar data. This affects Huawei head units where att...

A null pointer dereference vulnerability in the PDF preview module could cause application crashes or instability when processing malicious PDF files....

A null pointer dereference vulnerability in the PDF preview module could cause application crashes or denial of service. This affects systems using Hu...

A null pointer dereference vulnerability in the PDF preview module could cause application crashes or denial of service. This affects systems running ...

A stack overflow vulnerability exists in Huawei's file preview function when parsing vector images. This could allow attackers to crash the preview se...

A stack overflow vulnerability exists in Huawei products when parsing vector images during file preview. This could allow attackers to crash the previ...

This authentication vulnerability in Huawei's distributed collaboration framework module could allow attackers to bypass authentication mechanisms and...

This vulnerability allows unauthorized devices to bypass authentication and access distributed camera functions without user consent. It affects Huawe...

This CVE describes a stack overflow vulnerability in vector image parsing during file preview operations. Attackers could potentially execute arbitrar...

This CVE describes a deserialization vulnerability in the IPC module that could allow attackers to cause denial of service. The vulnerability affects ...

This CVE describes an authentication bypass vulnerability in Huawei device management channels that could allow unauthorized access to management func...

This vulnerability involves improper permission assignment in a note sharing module, allowing unauthorized access or manipulation of shared notes. Suc...

This vulnerability in Huawei device setting modules allows attackers to exhaust system resources through uncontrolled resource consumption, potentiall...

A permission bypass vulnerability in the media library module allows unauthorized access to restricted media resources. This affects systems running t...

This vulnerability in the arkweb v8 module allows WebAssembly (Wasm) exceptions to be improperly captured, potentially leading to application instabil...

This vulnerability in Huawei's ArkUI framework involves improper resource allocation control, potentially allowing attackers to cause denial-of-servic...

This vulnerability allows unauthorized access to bypass app lock protections on affected Huawei devices. Attackers could access locked applications wi...

This CVE describes an out-of-bounds data read vulnerability in Huawei's authorization module that could allow attackers to read unauthorized memory co...

A process residence vulnerability in Huawei's print module under abnormal scenarios could allow attackers to cause denial of service conditions. This ...

A permission control vulnerability in Huawei's media library module allows unauthorized access to protected media files. This affects Huawei devices a...

This CVE describes an improper authentication logic implementation in a file system module that could allow unauthorized access to sensitive data. Suc...

A permission control vulnerability in Huawei's contacts module allows unauthorized access or manipulation of contact data. This affects Huawei devices...

A deserialization mismatch vulnerability in the DSoftBus module allows attackers to manipulate serialized data to potentially execute arbitrary code o...