# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2022-47976 |
|
|
|
2023-01-06 |
2023-01-12 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The DMSDP module of the distributed hardware has a vulnerability that may cause imposter control connections.Successful exploitation of this vulnerability may disconnect normal service connections. |
2 |
CVE-2022-47975 |
415 |
|
|
2023-01-06 |
2023-01-12 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The DUBAI module has a double free vulnerability.Successful exploitation of this vulnerability may affect system availability. |
3 |
CVE-2022-47974 |
|
|
|
2023-01-06 |
2023-01-12 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The Bluetooth AVRCP module has a vulnerability that can lead to DoS attacks.Successful exploitation of this vulnerability may cause the Bluetooth process to restart. |
4 |
CVE-2022-46762 |
|
|
Bypass |
2023-01-06 |
2023-01-12 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The memory management module has a logic bypass vulnerability.Successful exploitation of this vulnerability may affect data confidentiality. |
5 |
CVE-2022-46761 |
|
|
|
2023-01-06 |
2023-01-12 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The system has a vulnerability that may cause dynamic hiding and restoring of app icons.Successful exploitation of this vulnerability may cause malicious hiding of app icons. |
6 |
CVE-2022-46328 |
20 |
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Some smartphones have the input validation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. |
7 |
CVE-2022-46327 |
|
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause privilege escalation, which results in system service exceptions. |
8 |
CVE-2022-46326 |
787 |
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions. |
9 |
CVE-2022-46325 |
787 |
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service exceptions. |
10 |
CVE-2022-46324 |
787 |
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions. |
11 |
CVE-2022-46323 |
787 |
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service exceptions. |
12 |
CVE-2022-46322 |
787 |
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions. |
13 |
CVE-2022-46321 |
|
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The Wi-Fi module has a vulnerability in permission verification. Successful exploitation of this vulnerability may affect data confidentiality. |
14 |
CVE-2022-46320 |
125 |
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The kernel module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may cause memory overwriting. |
15 |
CVE-2022-46319 |
787 |
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Fingerprint calibration has a vulnerability of lacking boundary judgment. Successful exploitation of this vulnerability may cause out-of-bounds write. |
16 |
CVE-2022-46318 |
|
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The HAware module has a function logic error. Successful exploitation of this vulnerability will affect the account removal function in Settings. |
17 |
CVE-2022-46317 |
125 |
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability. |
18 |
CVE-2022-46316 |
287 |
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
A thread security vulnerability exists in the authentication process. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability. |
19 |
CVE-2022-46315 |
|
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability. |
20 |
CVE-2022-46314 |
|
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The IPC module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability. |
21 |
CVE-2022-46313 |
287 |
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone's camera and microphone. |
22 |
CVE-2022-46312 |
|
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The application management module has a vulnerability in permission verification. Successful exploitation of this vulnerability causes unexpected clear of device applications. |
23 |
CVE-2022-46311 |
416 |
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The contacts component has a free (undefined) provider vulnerability. Successful exploitation of this vulnerability may affect data integrity. |
24 |
CVE-2022-46310 |
|
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The TelephonyProvider module has a vulnerability in obtaining values.Successful exploitation of this vulnerability may affect data confidentiality. |
25 |
CVE-2022-44563 |
362 |
|
|
2022-11-09 |
2022-11-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
There is a race condition vulnerability in SD upgrade mode. Successful exploitation of this vulnerability may affect data confidentiality. |
26 |
CVE-2022-44562 |
269 |
|
|
2022-11-09 |
2022-11-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The system framework layer has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. |
27 |
CVE-2022-44561 |
276 |
|
|
2022-11-09 |
2022-11-17 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The preset launcher module has a permission verification vulnerability. Successful exploitation of this vulnerability makes unauthorized apps add arbitrary widgets and shortcuts without interaction. |
28 |
CVE-2022-44560 |
|
|
|
2022-11-09 |
2022-11-17 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The launcher module has an Intent redirection vulnerability. Successful exploitation of this vulnerability may cause launcher module data to be modified. |
29 |
CVE-2022-44559 |
502 |
|
|
2022-11-09 |
2022-11-14 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. |
30 |
CVE-2022-44558 |
502 |
|
|
2022-11-09 |
2022-11-14 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. |
31 |
CVE-2022-44557 |
|
|
|
2022-11-09 |
2022-11-14 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The SmartTrimProcessEvent module has a vulnerability of obtaining the read and write permissions on arbitrary system files. Successful exploitation of this vulnerability may affect data confidentiality. |
32 |
CVE-2022-44556 |
20 |
|
|
2022-11-08 |
2022-12-26 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Missing parameter type validation in the DRM module. Successful exploitation of this vulnerability may affect availability. |
33 |
CVE-2022-44555 |
|
|
|
2022-11-09 |
2022-11-14 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable. |
34 |
CVE-2022-44554 |
|
|
|
2022-11-09 |
2022-11-14 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The power module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause abnormal status of a module on the device. |
35 |
CVE-2022-44553 |
|
|
|
2022-11-09 |
2022-11-14 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The HiView module has a vulnerability of not filtering third-party apps out when the HiView module traverses to invoke the system provider. Successful exploitation of this vulnerability may cause third-party apps to start periodically. |
36 |
CVE-2022-44552 |
|
|
|
2022-11-09 |
2022-11-14 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The lock screen module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability. |
37 |
CVE-2022-44551 |
|
|
|
2022-11-09 |
2022-11-14 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The iaware module has a vulnerability in thread security. Successful exploitation of this vulnerability will affect confidentiality, integrity, and availability. |
38 |
CVE-2022-44550 |
|
|
|
2022-11-09 |
2022-11-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The graphics display module has a UAF vulnerability when traversing graphic layers. Successful exploitation of this vulnerability may affect system availability. |
39 |
CVE-2022-44549 |
668 |
|
|
2022-11-09 |
2022-11-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The LBS module has a vulnerability in geofencing API access. Successful exploitation of this vulnerability may cause third-party apps to access the geofencing APIs without authorization, affecting user confidentiality. |
40 |
CVE-2022-44548 |
276 |
|
|
2022-11-09 |
2022-11-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
There is a vulnerability in permission verification during the Bluetooth pairing process. Successful exploitation of this vulnerability may cause the dialog box for confirming the pairing not to be displayed during Bluetooth pairing. |
41 |
CVE-2022-44547 |
416 |
|
|
2022-11-09 |
2022-11-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The Display Service module has a UAF vulnerability. Successful exploitation of this vulnerability may affect the display service availability. |
42 |
CVE-2022-44546 |
|
|
|
2022-11-09 |
2022-11-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The kernel module has the vulnerability that the mapping is not cleared after the memory is automatically released. Successful exploitation of this vulnerability may cause a system restart. |
43 |
CVE-2022-41603 |
125 |
|
Overflow |
2022-10-14 |
2022-10-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. |
44 |
CVE-2022-41602 |
125 |
|
Overflow |
2022-10-14 |
2022-10-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. |
45 |
CVE-2022-41601 |
125 |
|
Overflow |
2022-10-14 |
2022-10-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. |
46 |
CVE-2022-41600 |
125 |
|
Overflow |
2022-10-14 |
2022-10-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. |
47 |
CVE-2022-41599 |
|
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The system service has a vulnerability that causes incorrect return values. Successful exploitation of this vulnerability may affect data confidentiality. |
48 |
CVE-2022-41598 |
125 |
|
Overflow |
2022-10-14 |
2022-10-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. |
49 |
CVE-2022-41597 |
125 |
|
Overflow |
2022-10-14 |
2022-10-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. |
50 |
CVE-2022-41596 |
502 |
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The system tool has inconsistent serialization and deserialization. Successful exploitation of this vulnerability will cause unauthorized startup of components. |