Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Harmonyos
(Huawei)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 869 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-03-27 | CVE-2022-48355 | The Bluetooth module has a heap out-of-bounds read vulnerability. Successful exploitation of this vulnerability can cause the Bluetooth process to crash. | Emui, Harmonyos | 6.5 | ||
| 2023-03-27 | CVE-2022-48358 | The BatteryHealthActivity has a redirection vulnerability. Successful exploitation of this vulnerability by a malicious app can cause service exceptions. | Emui, Harmonyos | 7.4 | ||
| 2023-03-27 | CVE-2022-48360 | The facial recognition module has a vulnerability in file permission control. Successful exploitation of this vulnerability may affect confidentiality. | Emui, Harmonyos | 7.5 | ||
| 2023-03-27 | CVE-2022-48361 | The Always On Display (AOD) has a path traversal vulnerability in theme files. Successful exploitation of this vulnerability may cause a failure in reading AOD theme resources. | Emui, Harmonyos | 5.3 | ||
| 2023-03-27 | CVE-2023-26547 | The InputMethod module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. | Emui, Harmonyos | 7.8 | ||
| 2023-03-27 | CVE-2023-26548 | The pgmng module has a vulnerability in serialization/deserialization. Successful exploitation of this vulnerability may affect availability. | Emui, Harmonyos | 7.5 | ||
| 2023-06-16 | CVE-2023-34154 | Vulnerability of undefined permissions in HUAWEI VR screen projection.Successful exploitation of this vulnerability will cause third-party apps to create windows in an arbitrary way, consuming system resources. | Harmonyos | 8.2 | ||
| 2023-06-16 | CVE-2023-34165 | Unauthorized access vulnerability in the Save for later feature provided by AI Touch.Successful exploitation of this vulnerability may cause third-party apps to forge a URI for unauthorized access with zero permissions. | Harmonyos | 5.3 | ||
| 2023-07-05 | CVE-2021-46890 | Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability. | Emui, Harmonyos | 9.8 | ||
| 2023-07-05 | CVE-2021-46891 | Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability. | Emui, Harmonyos | 9.8 |