Filtered by vendor Huawei
Subscriptions
Total
2040 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-1693 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-21 | 7.5 High |
| The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality. | ||||
| CVE-2023-52710 | 1 Huawei | 3 Curiem-wfg9b, Curiem-wfg9b Firmware, Curiem Wfg98 Bios | 2025-01-17 | 7.8 High |
| Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26), As the communication buffer size hasn’t been properly validated to be of the expected size, it can partially overlap with the beginning SMRAM.This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM. | ||||
| CVE-2023-52547 | 1 Huawei | 2 Curiem-wfg9b, Curiem-wfg9b Firmware | 2025-01-17 | 7.8 High |
| Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM. | ||||
| CVE-2023-52548 | 1 Huawei | 2 Curiem-wfg9b, Curiem-wfg9b Firmware | 2025-01-17 | 7.8 High |
| Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26) Arbitrary Memory Corruption in SMI Handler of ThisiServicesSmm SMM module. This can be leveraged by a malicious OS attacker to corrupt arbitrary SMRAM memory and, in turn, lead to code execution in SMM | ||||
| CVE-2023-52711 | 1 Huawei | 2 Curiem-wfg9b, Curiem-wfg9b Firmware | 2025-01-17 | 7.8 High |
| Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put in place by previous UEFI phases to prevent direct access to the SPI flash. The second issue can be used to both leak and corrupt SMM memory thus potentially leading code execution in SMM | ||||
| CVE-2023-52712 | 1 Huawei | 2 Curiem-wfg9b, Curiem-wfg9b Firmware | 2025-01-17 | 7.8 High |
| Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put in place by previous UEFI phases to prevent direct access to the SPI flash. The second issue can be used to both leak and corrupt SMM memory, thus potentially leading code execution in SMM | ||||
| CVE-2024-54101 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-17 | 6.2 Medium |
| Denial of service (DoS) vulnerability in the installation module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2023-31225 | 1 Huawei | 1 Emui | 2025-01-16 | 3.3 Low |
| The Gallery app has the risk of hijacking attacks. Successful exploitation of this vulnerability may cause download failures and affect product availability. | ||||
| CVE-2021-46886 | 1 Huawei | 1 Emui | 2025-01-16 | 7.5 High |
| The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2021-46885 | 1 Huawei | 1 Emui | 2025-01-16 | 7.5 High |
| The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2021-46884 | 1 Huawei | 1 Emui | 2025-01-16 | 7.5 High |
| The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2021-46883 | 1 Huawei | 1 Emui | 2025-01-16 | 7.5 High |
| The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2021-46882 | 1 Huawei | 1 Emui | 2025-01-16 | 7.5 High |
| The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2021-46881 | 1 Huawei | 1 Emui | 2025-01-16 | 7.5 High |
| The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2023-31226 | 1 Huawei | 1 Emui | 2025-01-15 | 7.5 High |
| The SDK for the MediaPlaybackController module has improper permission verification. Successful exploitation of this vulnerability may affect confidentiality. | ||||
| CVE-2023-0117 | 1 Huawei | 1 Emui | 2025-01-15 | 5.3 Medium |
| The online authentication provided by the hwKitAssistant lacks strict identity verification of applications. Successful exploitation of this vulnerability may affect availability of features,such as MeeTime. | ||||
| CVE-2021-46887 | 1 Huawei | 1 Emui | 2025-01-15 | 9.8 Critical |
| Lack of length check vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds read. | ||||
| CVE-2023-31227 | 1 Huawei | 1 Emui | 2025-01-15 | 7.5 High |
| The hwPartsDFR module has a vulnerability in API calling verification. Successful exploitation of this vulnerability may affect device confidentiality. | ||||
| CVE-2023-0116 | 1 Huawei | 1 Emui | 2025-01-15 | 7.5 High |
| The reminder module lacks an authentication mechanism for broadcasts received. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2022-48480 | 1 Huawei | 1 Emui | 2025-01-15 | 7.5 High |
| Integer overflow vulnerability in some phones. Successful exploitation of this vulnerability may affect service confidentiality. | ||||