Huawei Huawei

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Huawei product.

Products by Huawei Sorted by Most Security Vulnerabilities since 2018

Huawei Harmonyos741 vulnerabilities

Huawei Emui713 vulnerabilities

Huawei Magic Ui272 vulnerabilities

Huawei Fusioncompute11 vulnerabilities

Huawei Openeuler8 vulnerabilities

Huawei Curiem Wfg9b Firmware5 vulnerabilities

Huawei Cv81 Wdm Firmware3 vulnerabilities

Huawei Hilink Ai Life2 vulnerabilities

Huawei Smc2 02 vulnerabilities

Huawei Bisheng Wnm Firmware2 vulnerabilities

Huawei B612 Firmware2 vulnerabilities

Huawei Myna Firmware1 vulnerability

Huawei Ultravr1 vulnerability

Huawei Opengauss1 vulnerability

Huawei Policy Center1 vulnerability

Huawei Egrt 00 Firmware1 vulnerability

Huawei Flmg 10 Firmware1 vulnerability

Huawei Mt8821 vulnerability

Huawei Mate 20 Firmware1 vulnerability

Huawei Mate 30 Firmware1 vulnerability

By the Year

In 2025 there have been 28 vulnerabilities in Huawei with an average score of 6.9 out of ten. Last year, in 2024 Huawei had 162 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Huawei in 2025 could surpass last years number. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.15.




Year Vulnerabilities Average Score
2025 28 6.86
2024 162 6.72
2023 241 7.50
2022 303 7.56
2021 255 7.33
2020 14 7.10
2019 12 6.93
2018 5 6.26

It may take a day or so for new Huawei vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Huawei Security Vulnerabilities

Startup control vulnerability in the ability module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-54121 7.5 - High - January 08, 2025

Startup control vulnerability in the ability module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Vulnerability of improper access control in the home screen widget module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56448 7.5 - High - January 08, 2025

Vulnerability of improper access control in the home screen widget module Impact: Successful exploitation of this vulnerability may affect availability.

Privilege escalation vulnerability in the Account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-56449 7.5 - High - January 08, 2025

Privilege escalation vulnerability in the Account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56450 5.5 - Medium - January 08, 2025

Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of this vulnerability may affect availability.

Classic Buffer Overflow

Integer overflow vulnerability during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56451 5.5 - Medium - January 08, 2025

Integer overflow vulnerability during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

Integer Overflow or Wraparound

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56452 5.5 - Medium - January 08, 2025

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56453 5.5 - Medium - January 08, 2025

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56454 5.5 - Medium - January 08, 2025

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56455 5.5 - Medium - January 08, 2025

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56456 5.5 - Medium - January 08, 2025

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56438 7.5 - High - January 08, 2025

Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability.

Access control vulnerability in the identity authentication module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-56439 7.5 - High - January 08, 2025

Access control vulnerability in the identity authentication module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Permission control vulnerability in the Connectivity module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-56440 7.5 - High - January 08, 2025

Permission control vulnerability in the Connectivity module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Incorrect Default Permissions

Race condition vulnerability in the Bastet module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-56441 5.9 - Medium - January 08, 2025

Race condition vulnerability in the Bastet module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Race Condition

Vulnerability of native APIs not being implemented in the NFC service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-56442 7.5 - High - January 08, 2025

Vulnerability of native APIs not being implemented in the NFC service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-56443 7.5 - High - January 08, 2025

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-56444 7.5 - High - January 08, 2025

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Instruction authentication bypass vulnerability in the Findnetwork module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-56445 5.3 - Medium - January 08, 2025

Instruction authentication bypass vulnerability in the Findnetwork module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

authentification

Vulnerability of variables not being initialized in the notification module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56446 7.5 - High - January 08, 2025

Vulnerability of variables not being initialized in the notification module Impact: Successful exploitation of this vulnerability may affect availability.

Use of Uninitialized Resource

Vulnerability of improper permission control in the window management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-56447 7.5 - High - January 08, 2025

Vulnerability of improper permission control in the window management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Incorrect Default Permissions

Path traversal vulnerability in the Medialibrary module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2023-52953 9.1 - Critical - January 08, 2025

Path traversal vulnerability in the Medialibrary module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Directory traversal

Vulnerability of improper permission control in the Gallery module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2023-52954 7.5 - High - January 08, 2025

Vulnerability of improper permission control in the Gallery module Impact: Successful exploitation of this vulnerability may affect availability.

Incorrect Default Permissions

Vulnerability of improper authentication in the ANS system service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2023-52955 7.5 - High - January 08, 2025

Vulnerability of improper authentication in the ANS system service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

authentification

Race condition vulnerability in the distributed notification module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-54120 5.9 - Medium - January 08, 2025

Race condition vulnerability in the distributed notification module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Race Condition

Vulnerability of input parameters not being verified in the widget framework module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56437 7.5 - High - January 08, 2025

Vulnerability of input parameters not being verified in the widget framework module Impact: Successful exploitation of this vulnerability may affect availability.

UAF vulnerability in the device node access module Impact: Successful exploitation of this vulnerability may cause service exceptions of the device.

CVE-2024-56434 7.5 - High - January 08, 2025

UAF vulnerability in the device node access module Impact: Successful exploitation of this vulnerability may cause service exceptions of the device.

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-56435 7.5 - High - January 08, 2025

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-56436 7.5 - High - January 08, 2025

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Huawei Smartphones Information Disclosure Vulnerability in Applock

CVE-2020-9082 4.6 - Medium - December 27, 2024

There is an information disclosure vulnerability in several smartphones. The system has a logic judging error under certain scenario, the attacker should gain the permit to execute commands in ADB mode and then do a series of operation on the phone. Successful exploit could allow the attacker to gain certain information from certain apps locked by Applock. (Vulnerability ID: HWPSIRT-2019-07112) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9082.

Huawei Product Improper Interface Design Vulnerability

CVE-2020-9236 8.8 - High - December 27, 2024

There is an improper interface design vulnerability in Huawei product. A module interface of the impated product does not deal with some operations properly. Attackers can exploit this vulnerability to perform malicious operatation to compromise module service. (Vulnerability ID: HWPSIRT-2020-05010) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9236.

Huawei Products NULL Pointer Dereference Vulnerability in Message Handling

CVE-2020-9085 5.3 - Medium - December 27, 2024

There is a NULL pointer dereference vulnerability in some Huawei products. An attacker may send specially crafted POST messages to the affected products. Due to insufficient validation of some parameter in the message, successful exploit may cause some process abnormal. (Vulnerability ID: HWPSIRT-2017-10105) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9085.

NULL Pointer Dereference

Huawei Product Buffer Overflow via UPNP Message

CVE-2020-9086 4.3 - Medium - December 27, 2024

There is a buffer error vulnerability in some Huawei product. An unauthenticated attacker may send special UPNP message to the affected products. Due to insufficient input validation of some value, successful exploit may cause some service abnormal. (Vulnerability ID: HWPSIRT-2017-08234) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9086.

Memory Corruption

Huawei Product Insufficient Integrity Check Vulnerability

CVE-2020-9210 6.8 - Medium - December 27, 2024

There is an insufficient integrity vulnerability in Huawei products. A module does not perform sufficient integrity check in a specific scenario. Attackers can exploit the vulnerability by physically install malware. This could compromise normal service of the affected device. (Vulnerability ID: HWPSIRT-2020-00145) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9210.

Improper Validation of Integrity Check Value

Huawei Smartphone Out-of-Bounds Read/Write Vulnerability in Configuration Module

CVE-2020-9211 7.2 - High - December 27, 2024

There is an out-of-bound read and write vulnerability in Huawei smartphone. A module dose not verify the input sufficiently. Attackers can exploit this vulnerability by modifying some configuration to cause out-of-bound read and write, causing denial of service. (Vulnerability ID: HWPSIRT-2020-05103) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9211.

Out-of-bounds Read

Huawei Smart Phone Stack Overflow Vulnerability

CVE-2020-9253 6.5 - Medium - December 27, 2024

There is a stack overflow vulnerability in some Huawei smart phone. An attacker can craft specific packet to exploit this vulnerability. Due to insufficient verification, this could be exploited to tamper with the information to affect the availability. (Vulnerability ID: HWPSIRT-2019-11030) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9253.

Memory Corruption

Huawei FusionCompute Privilege Escalation via Insufficient File Deserialization Verification

CVE-2020-9222 7.8 - High - December 27, 2024

There is a privilege escalation vulnerability in Huawei FusionCompute product. Due to insufficient verification on specific files that need to be deserialized, local attackers can exploit this vulnerability to elevate permissions. (Vulnerability ID: HWPSIRT-2020-05241) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9222.

Huawei Terminal Printer Command Injection Vulnerability

CVE-2022-32203 9.8 - Critical - December 20, 2024

There is a command injection vulnerability in Huawei terminal printer product. Successful exploitation could result in the highest privileges of the printer. (Vulnerability ID: HWPSIRT-2022-51773) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32203.

Command Injection

Huawei Printer Improper Input Verification Vulnerability

CVE-2022-32204 7.5 - High - December 20, 2024

There is an improper input verification vulnerability in Huawei printer product. Successful exploitation of this vulnerability may cause service abnormal. (Vulnerability ID: HWPSIRT-2022-87185) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32204.

Huawei Printers Input Verification Vulnerability

CVE-2022-34159 7.5 - High - December 20, 2024

Huawei printers have an input verification vulnerability. Successful exploitation of this vulnerability may cause device service exceptions. (Vulnerability ID: HWPSIRT-2022-80078) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-34159.

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-54119 7.5 - High - December 12, 2024

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Concurrent variable access vulnerability in the ability module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-54122 4.7 - Medium - December 12, 2024

Concurrent variable access vulnerability in the ability module Impact: Successful exploitation of this vulnerability may affect availability.

Race Condition

Denial of service (DoS) vulnerability in the installation module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-54101 5.5 - Medium - December 12, 2024

Denial of service (DoS) vulnerability in the installation module Impact: Successful exploitation of this vulnerability will affect availability.

Vulnerability of improper access control in the secure input module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-54100 7.5 - High - December 12, 2024

Vulnerability of improper access control in the secure input module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Race condition vulnerability in the DDR module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-54102 5.9 - Medium - December 12, 2024

Race condition vulnerability in the DDR module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Race Condition

Vulnerability of improper access control in the MTP module Impact: Successful exploitation of this vulnerability may affect integrity and accuracy.

CVE-2024-54096 5.5 - Medium - December 12, 2024

Vulnerability of improper access control in the MTP module Impact: Successful exploitation of this vulnerability may affect integrity and accuracy.

Security vulnerability in the HiView module Impact: Successful exploitation of this vulnerability may affect feature implementation and integrity.

CVE-2024-54097 7.5 - High - December 12, 2024

Security vulnerability in the HiView module Impact: Successful exploitation of this vulnerability may affect feature implementation and integrity.

Service logic error vulnerability in the system service module Impact: Successful exploitation of this vulnerability may affect service integrity.

CVE-2024-54098 7.5 - High - December 12, 2024

Service logic error vulnerability in the system service module Impact: Successful exploitation of this vulnerability may affect service integrity.

File replacement vulnerability on some devices Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2024-54099 7.1 - High - December 12, 2024

File replacement vulnerability on some devices Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Vulnerability of improper access control in the album module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-54103 7.5 - High - December 12, 2024

Vulnerability of improper access control in the album module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-54104 7.5 - High - December 12, 2024

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-54105 7.5 - High - December 12, 2024

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

Classic Buffer Overflow

Null pointer dereference vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-54106 7.5 - High - December 12, 2024

Null pointer dereference vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

NULL Pointer Dereference

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-54107 7.5 - High - December 12, 2024

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-54108 7.5 - High - December 12, 2024

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-54109 7.5 - High - December 12, 2024

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-54110 7.5 - High - December 12, 2024

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-54111 7.5 - High - December 12, 2024

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-54112 7.5 - High - December 12, 2024

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect power consumption.

CVE-2024-54113 7.5 - High - December 12, 2024

Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect power consumption.

Out-of-bounds access vulnerability in playback in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-54114 7.5 - High - December 12, 2024

Out-of-bounds access vulnerability in playback in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.

Out-of-bounds Read

Out-of-bounds read vulnerability in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-54115 7.5 - High - December 12, 2024

Out-of-bounds read vulnerability in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.

Out-of-bounds Read

Out-of-bounds read vulnerability in the M3U8 module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-54116 7.5 - High - December 12, 2024

Out-of-bounds read vulnerability in the M3U8 module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Out-of-bounds Read

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-54117 7.5 - High - December 12, 2024

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

LaunchAnywhere Account Module Privilege Escalation

CVE-2024-51530 5.5 - Medium - November 05, 2024

LaunchAnywhere vulnerability in the account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Battery Module Data Verification Flaw in Tesla Powerwall

CVE-2024-51529 5.5 - Medium - November 05, 2024

Data verification vulnerability in the battery module Impact: Successful exploitation of this vulnerability may affect function stability.

Samsung Phone Service Memory Access Flaw

CVE-2024-51517 5.5 - Medium - November 05, 2024

Vulnerability of improper memory access in the phone service module Impact: Successful exploitation of this vulnerability may affect availability.

out-of-bounds array index

Super Home Screen Log Injection Flaw

CVE-2024-51528 5.5 - Medium - November 05, 2024

Vulnerability of improper log printing in the Super Home Screen module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Insertion of Sensitive Information into Log File

Gallery App Permission Bypass Flaw

CVE-2024-51527 5.5 - Medium - November 05, 2024

Permission control vulnerability in the Gallery app Impact: Successful exploitation of this vulnerability may affect service confidentiality.

hidebug Module Permission Bypass in Linux Kernel

CVE-2024-51526 5.5 - Medium - November 05, 2024

Permission control vulnerability in the hidebug module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Clipboard Module Permission Bypass in Windows

CVE-2024-51525 5.5 - Medium - November 05, 2024

Permission control vulnerability in the clipboard module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Wi-Fi Module Permission Bypass in Cisco IOS

CVE-2024-51524 5.5 - Medium - November 05, 2024

Permission control vulnerability in the Wi-Fi module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Gallery Module Info Leak in Drupal

CVE-2024-51523 7.5 - High - November 05, 2024

Information management vulnerability in the Gallery module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Improper Device Info Processing in Cisco DNA Center

CVE-2024-51522 5.5 - Medium - November 05, 2024

Vulnerability of improper device information processing in the device management module Impact: Successful exploitation of this vulnerability may affect availability.

Service Module Input Validation Flaw in Huawei

CVE-2024-51521 5.5 - Medium - November 05, 2024

Input parameter verification vulnerability in the background service module Impact: Successful exploitation of this vulnerability may affect availability.

HDC Module Input Validation Bypass

CVE-2024-51520 5.5 - Medium - November 05, 2024

Vulnerability of input parameters not being verified in the HDC module Impact: Successful exploitation of this vulnerability may affect availability.

Unverified Message Type in Advanced Messaging Module

CVE-2024-51518 7.5 - High - November 05, 2024

Vulnerability of message types not being verified in the advanced messaging modul Impact: Successful exploitation of this vulnerability may affect availability.

HDC Module Input Validation Bypass in Cisco IOS

CVE-2024-51519 5.5 - Medium - November 05, 2024

Vulnerability of input parameters not being verified in the HDC module Impact: Successful exploitation of this vulnerability may affect availability.

WantAgent Parameter Type Verification Bypass

CVE-2024-51512 5.5 - Medium - November 05, 2024

Vulnerability of parameter type not being verified in the WantAgent module Impact: Successful exploitation of this vulnerability may affect availability.

VPN Module Process Termination Flaw

CVE-2024-51513 5.5 - Medium - November 05, 2024

Vulnerability of processes not being fully terminated in the VPN module Impact: Successful exploitation of this vulnerability will affect power consumption.

VPN Module Pop-up Window Hijacking

CVE-2024-51514 5.5 - Medium - November 05, 2024

Vulnerability of pop-up windows belonging to no app in the VPN module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Linux Kernel Network Module Race Condition

CVE-2024-51515 4.7 - Medium - November 05, 2024

Race condition vulnerability in the kernel network module Impact:Successful exploitation of this vulnerability may affect availability.

Race Condition

Permission Bypass in HarmonyOS Ability Module

CVE-2024-51516 5.5 - Medium - November 05, 2024

Permission control vulnerability in the ability module Impact: Successful exploitation of this vulnerability may cause features to function abnormally.

WantAgent Parameter Type Verification Bypass

CVE-2024-51511 5.5 - Medium - November 05, 2024

Vulnerability of parameter type not being verified in the WantAgent module Impact: Successful exploitation of this vulnerability may affect availability.

Logo Module Out-of-Bounds Access in Cisco IOS XE

CVE-2024-51510 5.5 - Medium - November 05, 2024

Out-of-bounds access vulnerability in the logo module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Memory Corruption

Input validation vulnerability in the USB service module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-47290 5.5 - Medium - September 27, 2024

Input validation vulnerability in the USB service module Impact: Successful exploitation of this vulnerability may affect availability.

Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-47291 5.5 - Medium - September 27, 2024

Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability.

Path traversal vulnerability in the Bluetooth module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-47292 5.5 - Medium - September 27, 2024

Path traversal vulnerability in the Bluetooth module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Directory traversal

Out-of-bounds write vulnerability in the HAL-WIFI module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-47293 7.5 - High - September 27, 2024

Out-of-bounds write vulnerability in the HAL-WIFI module Impact: Successful exploitation of this vulnerability may affect availability.

Memory Corruption

Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-47294 7.5 - High - September 27, 2024

Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability.

Access permission verification vulnerability in the App Multiplier module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-9136 7.5 - High - September 27, 2024

Access permission verification vulnerability in the App Multiplier module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Directory traversal vulnerability in the cust module Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2024-45443 9.1 - Critical - September 04, 2024

Directory traversal vulnerability in the cust module Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

Directory traversal

Memory request vulnerability in the memory management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-8298 5.5 - Medium - September 04, 2024

Memory request vulnerability in the memory management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Access permission verification vulnerability in the ringtone setting module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-45449 5.5 - Medium - September 04, 2024

Access permission verification vulnerability in the ringtone setting module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Page table protection configuration vulnerability in the trusted firmware module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-45448 5.5 - Medium - September 04, 2024

Page table protection configuration vulnerability in the trusted firmware module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Access control vulnerability in the camera framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-45447 5.5 - Medium - September 04, 2024

Access control vulnerability in the camera framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Access permission verification vulnerability in the camera driver module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-45446 5.5 - Medium - September 04, 2024

Access permission verification vulnerability in the camera driver module Impact: Successful exploitation of this vulnerability will affect availability.

Vulnerability of resources not being closed or released in the keystore module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-45445 5.5 - Medium - September 04, 2024

Vulnerability of resources not being closed or released in the keystore module Impact: Successful exploitation of this vulnerability will affect availability.

Insufficient Cleanup

Access permission verification vulnerability in the WMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-45444 5.5 - Medium - September 04, 2024

Access permission verification vulnerability in the WMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vulnerability of permission verification for APIs in the DownloadProviderMain module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-45442 7.5 - High - September 04, 2024

Vulnerability of permission verification for APIs in the DownloadProviderMain module Impact: Successful exploitation of this vulnerability will affect availability.

Permission control vulnerability in the software update module

CVE-2024-45450 7.5 - High - September 04, 2024

Permission control vulnerability in the software update module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.