Huawei
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Huawei product.
Products by Huawei Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2025 there have been 28 vulnerabilities in Huawei with an average score of 6.9 out of ten. Last year, in 2024 Huawei had 162 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Huawei in 2025 could surpass last years number. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.15.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 28 | 6.86 |
2024 | 162 | 6.72 |
2023 | 241 | 7.50 |
2022 | 303 | 7.56 |
2021 | 255 | 7.33 |
2020 | 14 | 7.10 |
2019 | 12 | 6.93 |
2018 | 5 | 6.26 |
It may take a day or so for new Huawei vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Huawei Security Vulnerabilities
Startup control vulnerability in the ability module
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-54121
7.5 - High
- January 08, 2025
Startup control vulnerability in the ability module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Vulnerability of improper access control in the home screen widget module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56448
7.5 - High
- January 08, 2025
Vulnerability of improper access control in the home screen widget module Impact: Successful exploitation of this vulnerability may affect availability.
Privilege escalation vulnerability in the Account module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56449
7.5 - High
- January 08, 2025
Privilege escalation vulnerability in the Account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Buffer overflow vulnerability in the component driver module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56450
5.5 - Medium
- January 08, 2025
Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of this vulnerability may affect availability.
Classic Buffer Overflow
Integer overflow vulnerability during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56451
5.5 - Medium
- January 08, 2025
Integer overflow vulnerability during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
Integer Overflow or Wraparound
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56452
5.5 - Medium
- January 08, 2025
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56453
5.5 - Medium
- January 08, 2025
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56454
5.5 - Medium
- January 08, 2025
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56455
5.5 - Medium
- January 08, 2025
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56456
5.5 - Medium
- January 08, 2025
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability of improper memory address protection in the HUKS module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56438
7.5 - High
- January 08, 2025
Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability.
Access control vulnerability in the identity authentication module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56439
7.5 - High
- January 08, 2025
Access control vulnerability in the identity authentication module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Permission control vulnerability in the Connectivity module
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-56440
7.5 - High
- January 08, 2025
Permission control vulnerability in the Connectivity module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Incorrect Default Permissions
Race condition vulnerability in the Bastet module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56441
5.9 - Medium
- January 08, 2025
Race condition vulnerability in the Bastet module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Race Condition
Vulnerability of native APIs not being implemented in the NFC service module
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-56442
7.5 - High
- January 08, 2025
Vulnerability of native APIs not being implemented in the NFC service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56443
7.5 - High
- January 08, 2025
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56444
7.5 - High
- January 08, 2025
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Instruction authentication bypass vulnerability in the Findnetwork module
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-56445
5.3 - Medium
- January 08, 2025
Instruction authentication bypass vulnerability in the Findnetwork module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
authentification
Vulnerability of variables not being initialized in the notification module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56446
7.5 - High
- January 08, 2025
Vulnerability of variables not being initialized in the notification module Impact: Successful exploitation of this vulnerability may affect availability.
Use of Uninitialized Resource
Vulnerability of improper permission control in the window management module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56447
7.5 - High
- January 08, 2025
Vulnerability of improper permission control in the window management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Incorrect Default Permissions
Path traversal vulnerability in the Medialibrary module
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2023-52953
9.1 - Critical
- January 08, 2025
Path traversal vulnerability in the Medialibrary module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
Directory traversal
Vulnerability of improper permission control in the Gallery module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2023-52954
7.5 - High
- January 08, 2025
Vulnerability of improper permission control in the Gallery module Impact: Successful exploitation of this vulnerability may affect availability.
Incorrect Default Permissions
Vulnerability of improper authentication in the ANS system service module
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2023-52955
7.5 - High
- January 08, 2025
Vulnerability of improper authentication in the ANS system service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
authentification
Race condition vulnerability in the distributed notification module
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-54120
5.9 - Medium
- January 08, 2025
Race condition vulnerability in the distributed notification module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Race Condition
Vulnerability of input parameters not being verified in the widget framework module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56437
7.5 - High
- January 08, 2025
Vulnerability of input parameters not being verified in the widget framework module Impact: Successful exploitation of this vulnerability may affect availability.
UAF vulnerability in the device node access module
Impact: Successful exploitation of this vulnerability may cause service exceptions of the device.
CVE-2024-56434
7.5 - High
- January 08, 2025
UAF vulnerability in the device node access module Impact: Successful exploitation of this vulnerability may cause service exceptions of the device.
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56435
7.5 - High
- January 08, 2025
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56436
7.5 - High
- January 08, 2025
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Huawei Smartphones Information Disclosure Vulnerability in Applock
CVE-2020-9082
4.6 - Medium
- December 27, 2024
There is an information disclosure vulnerability in several smartphones. The system has a logic judging error under certain scenario, the attacker should gain the permit to execute commands in ADB mode and then do a series of operation on the phone. Successful exploit could allow the attacker to gain certain information from certain apps locked by Applock. (Vulnerability ID: HWPSIRT-2019-07112) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9082.
Huawei Product Improper Interface Design Vulnerability
CVE-2020-9236
8.8 - High
- December 27, 2024
There is an improper interface design vulnerability in Huawei product. A module interface of the impated product does not deal with some operations properly. Attackers can exploit this vulnerability to perform malicious operatation to compromise module service. (Vulnerability ID: HWPSIRT-2020-05010) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9236.
Huawei Products NULL Pointer Dereference Vulnerability in Message Handling
CVE-2020-9085
5.3 - Medium
- December 27, 2024
There is a NULL pointer dereference vulnerability in some Huawei products. An attacker may send specially crafted POST messages to the affected products. Due to insufficient validation of some parameter in the message, successful exploit may cause some process abnormal. (Vulnerability ID: HWPSIRT-2017-10105) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9085.
NULL Pointer Dereference
Huawei Product Buffer Overflow via UPNP Message
CVE-2020-9086
4.3 - Medium
- December 27, 2024
There is a buffer error vulnerability in some Huawei product. An unauthenticated attacker may send special UPNP message to the affected products. Due to insufficient input validation of some value, successful exploit may cause some service abnormal. (Vulnerability ID: HWPSIRT-2017-08234) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9086.
Memory Corruption
Huawei Product Insufficient Integrity Check Vulnerability
CVE-2020-9210
6.8 - Medium
- December 27, 2024
There is an insufficient integrity vulnerability in Huawei products. A module does not perform sufficient integrity check in a specific scenario. Attackers can exploit the vulnerability by physically install malware. This could compromise normal service of the affected device. (Vulnerability ID: HWPSIRT-2020-00145) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9210.
Improper Validation of Integrity Check Value
Huawei Smartphone Out-of-Bounds Read/Write Vulnerability in Configuration Module
CVE-2020-9211
7.2 - High
- December 27, 2024
There is an out-of-bound read and write vulnerability in Huawei smartphone. A module dose not verify the input sufficiently. Attackers can exploit this vulnerability by modifying some configuration to cause out-of-bound read and write, causing denial of service. (Vulnerability ID: HWPSIRT-2020-05103) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9211.
Out-of-bounds Read
Huawei Smart Phone Stack Overflow Vulnerability
CVE-2020-9253
6.5 - Medium
- December 27, 2024
There is a stack overflow vulnerability in some Huawei smart phone. An attacker can craft specific packet to exploit this vulnerability. Due to insufficient verification, this could be exploited to tamper with the information to affect the availability. (Vulnerability ID: HWPSIRT-2019-11030) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9253.
Memory Corruption
Huawei FusionCompute Privilege Escalation via Insufficient File Deserialization Verification
CVE-2020-9222
7.8 - High
- December 27, 2024
There is a privilege escalation vulnerability in Huawei FusionCompute product. Due to insufficient verification on specific files that need to be deserialized, local attackers can exploit this vulnerability to elevate permissions. (Vulnerability ID: HWPSIRT-2020-05241) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9222.
Huawei Terminal Printer Command Injection Vulnerability
CVE-2022-32203
9.8 - Critical
- December 20, 2024
There is a command injection vulnerability in Huawei terminal printer product. Successful exploitation could result in the highest privileges of the printer. (Vulnerability ID: HWPSIRT-2022-51773) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32203.
Command Injection
Huawei Printer Improper Input Verification Vulnerability
CVE-2022-32204
7.5 - High
- December 20, 2024
There is an improper input verification vulnerability in Huawei printer product. Successful exploitation of this vulnerability may cause service abnormal. (Vulnerability ID: HWPSIRT-2022-87185) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32204.
Huawei Printers Input Verification Vulnerability
CVE-2022-34159
7.5 - High
- December 20, 2024
Huawei printers have an input verification vulnerability. Successful exploitation of this vulnerability may cause device service exceptions. (Vulnerability ID: HWPSIRT-2022-80078) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-34159.
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54119
7.5 - High
- December 12, 2024
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Concurrent variable access vulnerability in the ability module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-54122
4.7 - Medium
- December 12, 2024
Concurrent variable access vulnerability in the ability module Impact: Successful exploitation of this vulnerability may affect availability.
Race Condition
Denial of service (DoS) vulnerability in the installation module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54101
5.5 - Medium
- December 12, 2024
Denial of service (DoS) vulnerability in the installation module Impact: Successful exploitation of this vulnerability will affect availability.
Vulnerability of improper access control in the secure input module
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-54100
7.5 - High
- December 12, 2024
Vulnerability of improper access control in the secure input module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Race condition vulnerability in the DDR module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54102
5.9 - Medium
- December 12, 2024
Race condition vulnerability in the DDR module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Race Condition
Vulnerability of improper access control in the MTP module
Impact: Successful exploitation of this vulnerability may affect integrity and accuracy.
CVE-2024-54096
5.5 - Medium
- December 12, 2024
Vulnerability of improper access control in the MTP module Impact: Successful exploitation of this vulnerability may affect integrity and accuracy.
Security vulnerability in the HiView module
Impact: Successful exploitation of this vulnerability may affect feature implementation and integrity.
CVE-2024-54097
7.5 - High
- December 12, 2024
Security vulnerability in the HiView module Impact: Successful exploitation of this vulnerability may affect feature implementation and integrity.
Service logic error vulnerability in the system service module
Impact: Successful exploitation of this vulnerability may affect service integrity.
CVE-2024-54098
7.5 - High
- December 12, 2024
Service logic error vulnerability in the system service module Impact: Successful exploitation of this vulnerability may affect service integrity.
File replacement vulnerability on some devices
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2024-54099
7.1 - High
- December 12, 2024
File replacement vulnerability on some devices Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
Vulnerability of improper access control in the album module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54103
7.5 - High
- December 12, 2024
Vulnerability of improper access control in the album module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54104
7.5 - High
- December 12, 2024
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Read/Write vulnerability in the image decoding module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54105
7.5 - High
- December 12, 2024
Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
Classic Buffer Overflow
Null pointer dereference vulnerability in the image decoding module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54106
7.5 - High
- December 12, 2024
Null pointer dereference vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
NULL Pointer Dereference
Read/Write vulnerability in the image decoding module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54107
7.5 - High
- December 12, 2024
Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
Read/Write vulnerability in the image decoding module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54108
7.5 - High
- December 12, 2024
Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
Read/Write vulnerability in the image decoding module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54109
7.5 - High
- December 12, 2024
Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54110
7.5 - High
- December 12, 2024
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Read/Write vulnerability in the image decoding module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54111
7.5 - High
- December 12, 2024
Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54112
7.5 - High
- December 12, 2024
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Process residence vulnerability in abnormal scenarios in the print module
Impact: Successful exploitation of this vulnerability may affect power consumption.
CVE-2024-54113
7.5 - High
- December 12, 2024
Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect power consumption.
Out-of-bounds access vulnerability in playback in the DASH module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54114
7.5 - High
- December 12, 2024
Out-of-bounds access vulnerability in playback in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.
Out-of-bounds Read
Out-of-bounds read vulnerability in the DASH module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54115
7.5 - High
- December 12, 2024
Out-of-bounds read vulnerability in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.
Out-of-bounds Read
Out-of-bounds read vulnerability in the M3U8 module
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-54116
7.5 - High
- December 12, 2024
Out-of-bounds read vulnerability in the M3U8 module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Out-of-bounds Read
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54117
7.5 - High
- December 12, 2024
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
LaunchAnywhere Account Module Privilege Escalation
CVE-2024-51530
5.5 - Medium
- November 05, 2024
LaunchAnywhere vulnerability in the account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Battery Module Data Verification Flaw in Tesla Powerwall
CVE-2024-51529
5.5 - Medium
- November 05, 2024
Data verification vulnerability in the battery module Impact: Successful exploitation of this vulnerability may affect function stability.
Samsung Phone Service Memory Access Flaw
CVE-2024-51517
5.5 - Medium
- November 05, 2024
Vulnerability of improper memory access in the phone service module Impact: Successful exploitation of this vulnerability may affect availability.
out-of-bounds array index
Super Home Screen Log Injection Flaw
CVE-2024-51528
5.5 - Medium
- November 05, 2024
Vulnerability of improper log printing in the Super Home Screen module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Insertion of Sensitive Information into Log File
Gallery App Permission Bypass Flaw
CVE-2024-51527
5.5 - Medium
- November 05, 2024
Permission control vulnerability in the Gallery app Impact: Successful exploitation of this vulnerability may affect service confidentiality.
hidebug Module Permission Bypass in Linux Kernel
CVE-2024-51526
5.5 - Medium
- November 05, 2024
Permission control vulnerability in the hidebug module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Clipboard Module Permission Bypass in Windows
CVE-2024-51525
5.5 - Medium
- November 05, 2024
Permission control vulnerability in the clipboard module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Wi-Fi Module Permission Bypass in Cisco IOS
CVE-2024-51524
5.5 - Medium
- November 05, 2024
Permission control vulnerability in the Wi-Fi module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Gallery Module Info Leak in Drupal
CVE-2024-51523
7.5 - High
- November 05, 2024
Information management vulnerability in the Gallery module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Improper Device Info Processing in Cisco DNA Center
CVE-2024-51522
5.5 - Medium
- November 05, 2024
Vulnerability of improper device information processing in the device management module Impact: Successful exploitation of this vulnerability may affect availability.
Service Module Input Validation Flaw in Huawei
CVE-2024-51521
5.5 - Medium
- November 05, 2024
Input parameter verification vulnerability in the background service module Impact: Successful exploitation of this vulnerability may affect availability.
HDC Module Input Validation Bypass
CVE-2024-51520
5.5 - Medium
- November 05, 2024
Vulnerability of input parameters not being verified in the HDC module Impact: Successful exploitation of this vulnerability may affect availability.
Unverified Message Type in Advanced Messaging Module
CVE-2024-51518
7.5 - High
- November 05, 2024
Vulnerability of message types not being verified in the advanced messaging modul Impact: Successful exploitation of this vulnerability may affect availability.
HDC Module Input Validation Bypass in Cisco IOS
CVE-2024-51519
5.5 - Medium
- November 05, 2024
Vulnerability of input parameters not being verified in the HDC module Impact: Successful exploitation of this vulnerability may affect availability.
WantAgent Parameter Type Verification Bypass
CVE-2024-51512
5.5 - Medium
- November 05, 2024
Vulnerability of parameter type not being verified in the WantAgent module Impact: Successful exploitation of this vulnerability may affect availability.
VPN Module Process Termination Flaw
CVE-2024-51513
5.5 - Medium
- November 05, 2024
Vulnerability of processes not being fully terminated in the VPN module Impact: Successful exploitation of this vulnerability will affect power consumption.
VPN Module Pop-up Window Hijacking
CVE-2024-51514
5.5 - Medium
- November 05, 2024
Vulnerability of pop-up windows belonging to no app in the VPN module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Linux Kernel Network Module Race Condition
CVE-2024-51515
4.7 - Medium
- November 05, 2024
Race condition vulnerability in the kernel network module Impact:Successful exploitation of this vulnerability may affect availability.
Race Condition
Permission Bypass in HarmonyOS Ability Module
CVE-2024-51516
5.5 - Medium
- November 05, 2024
Permission control vulnerability in the ability module Impact: Successful exploitation of this vulnerability may cause features to function abnormally.
WantAgent Parameter Type Verification Bypass
CVE-2024-51511
5.5 - Medium
- November 05, 2024
Vulnerability of parameter type not being verified in the WantAgent module Impact: Successful exploitation of this vulnerability may affect availability.
Logo Module Out-of-Bounds Access in Cisco IOS XE
CVE-2024-51510
5.5 - Medium
- November 05, 2024
Out-of-bounds access vulnerability in the logo module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Memory Corruption
Input validation vulnerability in the USB service module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-47290
5.5 - Medium
- September 27, 2024
Input validation vulnerability in the USB service module Impact: Successful exploitation of this vulnerability may affect availability.
Permission vulnerability in the ActivityManagerService (AMS) module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-47291
5.5 - Medium
- September 27, 2024
Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability.
Path traversal vulnerability in the Bluetooth module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-47292
5.5 - Medium
- September 27, 2024
Path traversal vulnerability in the Bluetooth module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Directory traversal
Out-of-bounds write vulnerability in the HAL-WIFI module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-47293
7.5 - High
- September 27, 2024
Out-of-bounds write vulnerability in the HAL-WIFI module Impact: Successful exploitation of this vulnerability may affect availability.
Memory Corruption
Access permission verification vulnerability in the input method framework module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-47294
7.5 - High
- September 27, 2024
Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability.
Access permission verification vulnerability in the App Multiplier module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-9136
7.5 - High
- September 27, 2024
Access permission verification vulnerability in the App Multiplier module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Directory traversal vulnerability in the cust module
Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVE-2024-45443
9.1 - Critical
- September 04, 2024
Directory traversal vulnerability in the cust module Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
Directory traversal
Memory request vulnerability in the memory management module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-8298
5.5 - Medium
- September 04, 2024
Memory request vulnerability in the memory management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Access permission verification vulnerability in the ringtone setting module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-45449
5.5 - Medium
- September 04, 2024
Access permission verification vulnerability in the ringtone setting module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Page table protection configuration vulnerability in the trusted firmware module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-45448
5.5 - Medium
- September 04, 2024
Page table protection configuration vulnerability in the trusted firmware module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Access control vulnerability in the camera framework module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-45447
5.5 - Medium
- September 04, 2024
Access control vulnerability in the camera framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Access permission verification vulnerability in the camera driver module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-45446
5.5 - Medium
- September 04, 2024
Access permission verification vulnerability in the camera driver module Impact: Successful exploitation of this vulnerability will affect availability.
Vulnerability of resources not being closed or released in the keystore module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-45445
5.5 - Medium
- September 04, 2024
Vulnerability of resources not being closed or released in the keystore module Impact: Successful exploitation of this vulnerability will affect availability.
Insufficient Cleanup
Access permission verification vulnerability in the WMS module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-45444
5.5 - Medium
- September 04, 2024
Access permission verification vulnerability in the WMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Vulnerability of permission verification for APIs in the DownloadProviderMain module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-45442
7.5 - High
- September 04, 2024
Vulnerability of permission verification for APIs in the DownloadProviderMain module Impact: Successful exploitation of this vulnerability will affect availability.