CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Huawei : Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-34743 125 2022-07-12 2022-07-19
5.0
None Remote Low Not required None None Partial
The AT commands of the USB port have an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.
2 CVE-2022-34742 125 2022-07-12 2022-12-12
5.0
None Remote Low Not required Partial None None
The system module has a read/write vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
3 CVE-2022-34739 Overflow 2022-07-12 2022-07-19
5.0
None Remote Low Not required Partial None None
The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings.
4 CVE-2022-34738 2022-07-12 2022-07-19
5.0
None Remote Low Not required None Partial None
The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background.
5 CVE-2022-31761 2022-06-13 2022-06-18
5.0
None Remote Low Not required Partial None None
Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality.
6 CVE-2022-31757 2022-06-13 2022-06-27
5.0
None Remote Low Not required Partial None None
The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality.
7 CVE-2022-31754 2022-06-13 2022-06-18
5.0
None Remote Low Not required None None Partial
Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features.
8 CVE-2022-31753 134 2022-06-13 2022-06-27
5.0
None Remote Low Not required None None Partial
The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability.
9 CVE-2022-29796 2022-05-13 2022-05-23
5.0
None Remote Low Not required None None Partial
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services.
10 CVE-2022-29795 476 2022-05-13 2022-05-23
5.0
None Remote Low Not required None None Partial
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
11 CVE-2022-29793 2022-05-13 2022-06-13
5.0
None Remote Low Not required None None Partial
There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability.
12 CVE-2022-29792 2022-05-13 2022-05-23
5.0
None Remote Low Not required Partial None None
The chip component has a vulnerability of disclosing CPU SNs.Successful exploitation of this vulnerability may affect data confidentiality.
13 CVE-2022-29791 2022-05-13 2022-05-23
5.0
None Remote Low Not required None None Partial
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services.
14 CVE-2022-29790 2022-05-13 2022-05-23
5.0
None Remote Low Not required None None Partial
The graphics acceleration service has a vulnerability in multi-thread access to the database.Successful exploitation of this vulnerability may cause service exceptions.
15 CVE-2022-29789 2022-05-13 2022-05-23
5.0
None Remote Low Not required None None Partial
The HiAIserver has a vulnerability in verifying the validity of the properties used in the model.Successful exploitation of this vulnerability will affect AI services.
16 CVE-2022-22261 2022-05-13 2022-05-23
5.0
None Remote Low Not required None None Partial
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services.
17 CVE-2022-22257 269 2022-04-11 2022-04-18
5.0
None Remote Low Not required None Partial None
The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity.
18 CVE-2022-22256 2022-04-11 2022-04-19
5.0
None Remote Low Not required Partial None None
The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
19 CVE-2022-22255 2022-04-11 2022-04-18
5.0
None Remote Low Not required None None Partial
The application framework has a common DoS vulnerability.Successful exploitation of this vulnerability may affect the availability.
20 CVE-2022-22254 863 Bypass 2022-04-11 2022-04-19
5.0
None Remote Low Not required Partial None None
A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality.
21 CVE-2022-22253 354 2022-04-11 2022-04-18
5.0
None Remote Low Not required None Partial None
The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability.
22 CVE-2021-46814 787 2022-06-13 2022-06-18
5.0
None Remote Low Not required None None Partial
The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability.
23 CVE-2021-46813 212 2022-06-13 2022-06-27
5.0
None Remote Low Not required None None Partial
Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability.
24 CVE-2021-46812 2022-06-13 2022-06-18
5.0
None Remote Low Not required None Partial None
The Device Manager has a vulnerability in multi-device interaction. Successful exploitation of this vulnerability may affect data integrity.
25 CVE-2021-46811 276 2022-06-13 2022-06-27
5.0
None Remote Low Not required Partial None None
HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information.
26 CVE-2021-46789 2022-05-13 2022-06-13
5.0
None Remote Low Not required None None Partial
Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability.
27 CVE-2021-46788 2022-05-13 2022-05-23
5.0
None Remote Low Not required None Partial None
Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations.
28 CVE-2021-46787 2022-05-13 2022-05-23
5.0
None Remote Low Not required None None Partial
The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash.
29 CVE-2021-46785 2022-05-13 2022-07-12
5.0
None Remote Low Not required Partial None None
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
30 CVE-2021-46741 2022-07-12 2022-12-12
5.0
None Remote Low Not required None Partial None
The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity.
31 CVE-2021-46740 287 2022-04-11 2022-04-15
5.0
None Remote Low Not required Partial None None
The device authentication service module has a defect vulnerability introduced in the design process.Successful exploitation of this vulnerability may affect data confidentiality.
32 CVE-2021-40065 2022-04-11 2022-04-15
5.0
None Remote Low Not required Partial None None
The communication module has a service logic error vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
33 CVE-2021-40063 2022-03-10 2022-03-14
5.0
None Remote Low Not required Partial None None
There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect confidentiality.
34 CVE-2021-40061 843 2022-03-10 2022-03-14
5.0
None Remote Low Not required None Partial None
There is a vulnerability of accessing resources using an incompatible type (type confusion) in the Bastet module. Successful exploitation of this vulnerability may affect integrity.
35 CVE-2021-40051 668 2022-03-10 2022-03-14
5.0
None Remote Low Not required Partial None None
There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect confidentiality.
36 CVE-2021-40049 276 +Info 2022-03-10 2022-03-14
5.0
None Remote Low Not required Partial None None
There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization.
37 CVE-2021-40044 2022-02-09 2022-07-12
5.8
None Local Network Low Not required Partial Partial Partial
There is a permission verification vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may cause unauthorized operations.
38 CVE-2021-40039 476 2022-01-10 2022-01-13
5.0
None Remote Low Not required None Partial None
There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
39 CVE-2021-40038 415 2022-01-10 2022-01-13
5.0
None Remote Low Not required None Partial None
There is a Double free vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
40 CVE-2021-40035 120 Overflow 2022-01-10 2022-01-13
5.0
None Remote Low Not required None None Partial
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.
41 CVE-2021-40032 2022-01-10 2022-01-13
5.0
None Remote Low Not required Partial None None
The bone voice ID TA has a vulnerability in information management,Successful exploitation of this vulnerability may affect data confidentiality.
42 CVE-2021-40031 476 2022-01-10 2022-01-13
5.0
None Remote Low Not required None Partial None
There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
43 CVE-2021-40029 120 Overflow 2022-01-10 2022-01-13
5.0
None Remote Low Not required None None Partial
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.
44 CVE-2021-40028 787 2022-01-10 2022-01-13
5.0
None Remote Low Not required None Partial None
The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data integrity.
45 CVE-2021-40027 119 Overflow 2022-01-10 2022-01-13
5.0
None Remote Low Not required Partial None None
The bone voice ID TA has a vulnerability in calculating the buffer length,Successful exploitation of this vulnerability may affect data confidentiality.
46 CVE-2021-40026 787 Overflow 2022-01-10 2022-01-13
5.0
None Remote Low Not required None Partial None
There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
47 CVE-2021-40025 665 2022-01-10 2022-01-13
5.0
None Remote Low Not required Partial None None
The eID module has a vulnerability that causes the memory to be used without being initialized,Successful exploitation of this vulnerability may affect data confidentiality.
48 CVE-2021-40022 2022-01-10 2022-01-13
5.0
None Remote Low Not required Partial None None
The weaver module has a vulnerability in parameter type verification,Successful exploitation of this vulnerability may affect data confidentiality.
49 CVE-2021-40021 787 2022-01-10 2022-01-13
5.0
None Remote Low Not required Partial None None
The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data confidentiality.
50 CVE-2021-40020 125 2022-01-10 2022-01-13
5.0
None Remote Low Not required Partial None None
There is an Out-of-bounds array read vulnerability in the security storage module in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.
Total number of vulnerabilities : 220   Page : 1 (This Page)2 3 4 5
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.