# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2022-34737 |
276 |
|
|
2022-07-12 |
2022-07-19 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality. |
2 |
CVE-2022-31760 |
|
|
|
2022-06-13 |
2022-06-27 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality. |
3 |
CVE-2022-22260 |
416 |
|
|
2022-05-13 |
2022-05-23 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
The kernel module has a UAF vulnerability.Successful exploitation of this vulnerability will affect data integrity and availability. |
4 |
CVE-2021-46742 |
|
|
|
2022-04-11 |
2022-07-12 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability. |
5 |
CVE-2021-40053 |
276 |
|
|
2022-03-10 |
2022-10-27 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and integrity. |
6 |
CVE-2021-39982 |
269 |
|
|
2022-01-03 |
2022-01-13 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
Phone Manager application has a Improper Privilege Management vulnerability.Successful exploitation of this vulnerability may read and write arbitrary files by tampering with Phone Manager notifications. |
7 |
CVE-2021-37134 |
362 |
|
|
2022-01-03 |
2022-01-13 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for invoking the interface of location-related components. |
8 |
CVE-2021-37131 |
1236 |
|
|
2021-10-27 |
2021-10-29 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An attacker with high privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device. |
9 |
CVE-2021-37116 |
20 |
|
|
2022-01-03 |
2022-01-11 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of this vulnerability may cause that the PIN of the subscriber is changed. |
10 |
CVE-2021-37099 |
22 |
|
Dir. Trav. |
2021-12-07 |
2021-12-09 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete any file. |
11 |
CVE-2021-37088 |
22 |
|
Dir. Trav. |
2021-12-07 |
2021-12-09 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers can write any content to any file. |
12 |
CVE-2021-37087 |
22 |
|
Dir. Trav. |
2021-12-07 |
2021-12-09 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers can create arbitrary file. |
13 |
CVE-2021-37079 |
20 |
|
|
2021-12-07 |
2021-12-09 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete arbitrary file by system_app permission. |
14 |
CVE-2021-37065 |
190 |
|
Overflow |
2021-12-07 |
2021-12-09 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Confidentiality or Availability impacted. |
15 |
CVE-2021-37064 |
22 |
|
Dir. Trav. |
2021-12-07 |
2021-12-09 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
There is a Improper Limitation of a Pathname to a Restricted Directory vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to arbitrary file created. |
16 |
CVE-2021-37062 |
129 |
|
Overflow +Info |
2021-12-07 |
2021-12-09 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
There is a Improper Validation of Array Index vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to memory overflow and information leakage. |
17 |
CVE-2021-37051 |
125 |
|
|
2021-12-08 |
2021-12-09 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access. |
18 |
CVE-2021-37042 |
20 |
|
|
2021-12-07 |
2021-12-07 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read. |
19 |
CVE-2021-37041 |
20 |
|
|
2021-12-07 |
2021-12-07 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read. |
20 |
CVE-2021-37040 |
88 |
|
|
2021-12-08 |
2022-07-12 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting. |
21 |
CVE-2021-37023 |
22 |
|
Dir. Trav. |
2021-11-23 |
2022-05-03 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause media files which can be reads and writes in non-distributed directories on any device on the network.. |
22 |
CVE-2021-37021 |
20 |
|
Overflow |
2021-12-07 |
2021-12-09 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read. |
23 |
CVE-2021-37020 |
20 |
|
Overflow |
2021-12-07 |
2021-12-09 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read. |
24 |
CVE-2021-36999 |
120 |
|
Exec Code Overflow |
2021-10-28 |
2021-11-01 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
There is a Buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by sending malicious images and inducing users to open the images may cause remote code execution. |
25 |
CVE-2021-22448 |
|
|
|
2022-02-25 |
2022-07-12 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause unauthorized read and write of some files. |
26 |
CVE-2021-22437 |
190 |
|
Overflow |
2022-02-25 |
2022-03-07 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful exploitation of this vulnerability may cause random address access. |
27 |
CVE-2021-22436 |
|
|
Bypass |
2021-10-28 |
2021-11-02 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
There is a Logic Bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability. |
28 |
CVE-2021-22435 |
|
|
|
2021-08-02 |
2021-12-09 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
There is a Configuration Defect Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability. |
29 |
CVE-2021-22428 |
362 |
|
Bypass |
2021-08-02 |
2021-12-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
There is an Incomplete Cleanup Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass. |
30 |
CVE-2021-22427 |
362 |
|
Overflow Bypass |
2021-08-02 |
2021-12-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
There is a Heap-based Buffer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass. |
31 |
CVE-2021-22394 |
120 |
|
Overflow |
2022-02-25 |
2022-03-07 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
There is a buffer overflow vulnerability in smartphones. Successful exploitation of this vulnerability may cause DoS of the apps during Multi-Screen Collaboration. |
32 |
CVE-2021-22386 |
415 |
|
|
2021-08-10 |
2021-12-09 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
A component of the Huawei smartphone has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevation of Privileges. |
33 |
CVE-2021-22384 |
362 |
|
Bypass |
2021-08-02 |
2021-12-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass. |
34 |
CVE-2021-22380 |
319 |
|
|
2021-06-30 |
2021-07-06 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
There is a Cleartext Transmission of Sensitive Information Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality and availability. |
35 |
CVE-2021-22373 |
|
|
|
2021-06-30 |
2021-07-06 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
There is a Defects Introduced in the Design Process Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability. |
36 |
CVE-2021-22354 |
125 |
|
|
2021-06-30 |
2021-07-02 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds read. |
37 |
CVE-2021-22352 |
|
|
Exec Code |
2021-06-30 |
2021-07-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
There is a Configuration Defect Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands. |
38 |
CVE-2021-22343 |
|
|
|
2021-07-01 |
2021-07-06 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
There is a Configuration Defect vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability. |
39 |
CVE-2021-22326 |
269 |
|
|
2021-06-30 |
2021-11-02 |
6.6 |
None |
Local |
Low |
Not required |
Complete |
Complete |
None |
A component of the HarmonyOS has a Privilege Dropping / Lowering Errors vulnerability. Local attackers may exploit this vulnerability to obtain Kernel space read/write capability. |
40 |
CVE-2021-22311 |
276 |
|
|
2021-03-22 |
2021-03-24 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
There is an improper permission assignment vulnerability in Huawei ManageOne product. Due to improper security hardening, the process can run with a higher privilege. Successful exploit could allow certain users to do certain operations with improper permissions. Affected product versions include: ManageOne versions 8.0.0, 8.0.1. |
41 |
CVE-2020-9242 |
78 |
|
|
2020-08-17 |
2021-07-21 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
FusionCompute 8.0.0 have a command injection vulnerability. The software does not sufficiently validate certain parameters post from user, successful exploit could allow an authenticated attacker to launch a command injection attack. |
42 |
CVE-2020-9233 |
287 |
|
|
2020-08-17 |
2020-08-21 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
FusionCompute 8.0.0 have an insufficient authentication vulnerability. An attacker may exploit the vulnerability to delete some files and cause some services abnormal. |
43 |
CVE-2020-9145 |
787 |
|
|
2021-01-13 |
2021-01-19 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
There is an Out-of-bounds Write vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability may cause out-of-bounds access to the physical memory. |
44 |
CVE-2020-9142 |
787 |
|
Overflow |
2021-01-13 |
2021-01-19 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
There is a heap base buffer overflow vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability can cause heap overflow and memory overwriting when the system incorrectly processes the update file. |
45 |
CVE-2020-9141 |
345 |
|
|
2021-01-13 |
2021-07-21 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability can cause information disclosure and malfunctions due to insufficient verification of data authenticity. |
46 |
CVE-2020-9139 |
20 |
|
DoS |
2021-01-13 |
2021-01-19 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit of this vulnerability can cause memory access errors and denial of service. |
47 |
CVE-2020-9116 |
77 |
|
|
2020-12-01 |
2020-12-02 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. An authenticated, remote attacker can craft specific request to exploit this vulnerability. Due to insufficient verification, this could be exploited to cause the attackers to obtain higher privilege. |
48 |
CVE-2020-1811 |
74 |
|
Exec Code |
2020-02-18 |
2021-07-21 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
GaussDB 200 with version of 6.5.1 have a command injection vulnerability. Due to insufficient input validation, remote attackers with low permissions could exploit this vulnerability by sending crafted commands to the affected device. Successful exploit could allow an attacker to execute commands. |
49 |
CVE-2020-1790 |
74 |
|
|
2020-02-18 |
2021-07-21 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
GaussDB 200 with version of 6.5.1 have a command injection vulnerability. The software constructs part of a command using external input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands. |
50 |
CVE-2019-5238 |
|
|
Exec Code |
2019-08-08 |
2020-08-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Huawei PCManager with the versions before 9.0.1.66 (Oversea) and versions before 9.0.1.70 (China) have a code execution vulnerability. Successful exploitation may cause the attacker to execute code and read/write information. |