Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Harmonyos
(Huawei)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 834 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-01-03 | CVE-2021-39989 | The HwNearbyMain module has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability may cause a process to restart. | Harmonyos | 7.5 | ||
| 2022-01-03 | CVE-2021-39990 | The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience. | Harmonyos | 9.8 | ||
| 2022-10-14 | CVE-2021-46839 | The HW_KEYMASTER module has a vulnerability of missing bounds check on length.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access. | Emui, Harmonyos | 9.1 | ||
| 2022-10-14 | CVE-2021-46840 | The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access. | Emui, Harmonyos | 9.1 | ||
| 2022-10-14 | CVE-2022-38977 | The HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data. | Harmonyos | 7.5 | ||
| 2022-10-14 | CVE-2022-38980 | The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions. | Harmonyos | 9.8 | ||
| 2022-10-14 | CVE-2022-38981 | The HwAirlink module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause information leakage. | Harmonyos | 7.5 | ||
| 2022-10-14 | CVE-2022-38982 | The fingerprint module has service logic errors.Successful exploitation of this vulnerability will cause the phone lock to be cracked. | Harmonyos | 9.8 | ||
| 2022-10-14 | CVE-2022-38983 | The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution. | Emui, Harmonyos | 9.8 | ||
| 2022-10-14 | CVE-2022-38984 | The HIPP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality. | Emui, Harmonyos | 7.5 |