Huawei Huawei

Do you want an email whenever new security vulnerabilities are reported in any Huawei product?

Products by Huawei Sorted by Most Security Vulnerabilities since 2018

Huawei Harmonyos182 vulnerabilities

Huawei Emui167 vulnerabilities

Huawei Magic Ui166 vulnerabilities

Huawei Manageone15 vulnerabilities

Huawei Fusioncompute8 vulnerabilities

Huawei Pcmanager7 vulnerabilities

Huawei Pcmanageroversea3 vulnerabilities

Huawei Pcmanagerchina3 vulnerabilities

Huawei Campusinsight3 vulnerabilities

Huawei Hisuite3 vulnerabilities

Huawei Gaussdb 2003 vulnerabilities

Huawei Appgallery2 vulnerabilities

Huawei Imanager Neteco 60002 vulnerabilities

Huawei Imanager Neteco2 vulnerabilities

Huawei Ne201 vulnerability

Huawei Vip App1 vulnerability

Huawei Utps Firmware1 vulnerability

Huawei Smc2 01 vulnerability

Huawei Anyoffice1 vulnerability

Huawei Atb1 vulnerability

Huawei Atn1 vulnerability

Huawei Ne5000e1 vulnerability

Huawei Ne40e80e1 vulnerability

Huawei Ne40801 vulnerability

Huawei Ne20e X61 vulnerability

Huawei Hedex Lite1 vulnerability

Huawei Me601 vulnerability

Huawei Cx6001 vulnerability

Huawei Elf G10hn1 vulnerability

Huawei Ma5200g1 vulnerability

Huawei Imaster Mae M1 vulnerability

Huawei Espace Desktop1 vulnerability

Huawei Fusionaccess1 vulnerability

Huawei Hwbackup1 vulnerability

Huawei Hg532e1 vulnerability

Huawei Hg255s1 vulnerability

By the Year

In 2022 there have been 70 vulnerabilities in Huawei with an average score of 7.5 out of ten. Last year Huawei had 255 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Huawei in 2022 could surpass last years number. However, the average CVE base score of the vulnerabilities in 2022 is greater by 0.20.

Year Vulnerabilities Average Score
2022 70 7.52
2021 255 7.33
2020 14 7.10
2019 12 6.93
2018 5 6.26

It may take a day or so for new Huawei vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Huawei Security Vulnerabilities

There is an Integer overflow vulnerability with ACPU in smartphones

CVE-2021-39993 9.8 - Critical - January 10, 2022

There is an Integer overflow vulnerability with ACPU in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.

Integer Overflow or Wraparound

The CaasKit module has a path traversal vulnerability

CVE-2021-40001 5.3 - Medium - January 10, 2022

The CaasKit module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the MeeTime application to be unavailable.

Directory traversal

The Bluetooth module has an out-of-bounds write vulnerability

CVE-2021-40002 8.8 - High - January 10, 2022

The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end.

Memory Corruption

HwPCAssistant has a path traversal vulnerability

CVE-2021-40003 5.3 - Medium - January 10, 2022

HwPCAssistant has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

Directory traversal

The cellular module has a vulnerability in permission management

CVE-2021-40004 7.5 - High - January 10, 2022

The cellular module has a vulnerability in permission management. Successful exploitation of this vulnerability may affect data confidentiality.

Incorrect Default Permissions

The distributed data service component has a vulnerability in data access control

CVE-2021-40005 7.5 - High - January 10, 2022

The distributed data service component has a vulnerability in data access control. Successful exploitation of this vulnerability may affect data confidentiality.

Exposure of Resource to Wrong Sphere

There is an Out-of-bounds write vulnerability in the AOD module in smartphones

CVE-2021-40009 5.3 - Medium - January 10, 2022

There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.

Memory Corruption

The bone voice ID TA has a vulnerability in information management

CVE-2021-40032 7.5 - High - January 10, 2022

The bone voice ID TA has a vulnerability in information management,Successful exploitation of this vulnerability may affect data confidentiality.

There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones

CVE-2021-40035 7.5 - High - January 10, 2022

There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.

Classic Buffer Overflow

There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones

CVE-2021-40037 5.5 - Medium - January 10, 2022

There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.

Object Type Confusion

There is a Double free vulnerability in the AOD module in smartphones

CVE-2021-40038 7.5 - High - January 10, 2022

There is a Double free vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.

Double-free

There is a Null pointer dereference vulnerability in the camera module in smartphones

CVE-2021-40039 7.5 - High - January 10, 2022

There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.

NULL Pointer Dereference

The fingerprint module has a security risk of brute force cracking

CVE-2021-40006 4.6 - Medium - January 10, 2022

The fingerprint module has a security risk of brute force cracking. Successful exploitation of this vulnerability may affect data confidentiality.

Inadequate Encryption Strength

There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones

CVE-2021-40026 7.5 - High - January 10, 2022

There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.

Memory Corruption

The bone voice ID TA has a vulnerability in calculating the buffer length

CVE-2021-40027 7.5 - High - January 10, 2022

The bone voice ID TA has a vulnerability in calculating the buffer length,Successful exploitation of this vulnerability may affect data confidentiality.

Buffer Overflow

The eID module has an out-of-bounds memory write vulnerability

CVE-2021-40028 7.5 - High - January 10, 2022

The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data integrity.

Memory Corruption

There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones

CVE-2021-40029 7.5 - High - January 10, 2022

There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.

Classic Buffer Overflow

There is a Null pointer dereference vulnerability in the camera module in smartphones

CVE-2021-40031 7.5 - High - January 10, 2022

There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.

NULL Pointer Dereference

There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones

CVE-2021-39996 9.8 - Critical - January 10, 2022

There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow.

Memory Corruption

There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones

CVE-2021-39998 7.5 - High - January 10, 2022

There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.

The bone voice ID trusted application (TA) has a heap overflow vulnerability

CVE-2021-40010 9.8 - Critical - January 10, 2022

The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful exploitation of this vulnerability may result in malicious code execution.

Memory Corruption

There is an Uncontrolled resource consumption vulnerability in the display module in smartphones

CVE-2021-40011 9.1 - Critical - January 10, 2022

There is an Uncontrolled resource consumption vulnerability in the display module in smartphones. Successful exploitation of this vulnerability may affect service integrity.

Resource Exhaustion

The bone voice ID trusted application (TA) has a heap overflow vulnerability

CVE-2021-40014 7.5 - High - January 10, 2022

The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

Memory Corruption

The eID module has a null pointer reference vulnerability

CVE-2021-40018 7.5 - High - January 10, 2022

The eID module has a null pointer reference vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

NULL Pointer Dereference

There is an Out-of-bounds array read vulnerability in the security storage module in smartphones

CVE-2021-40020 7.5 - High - January 10, 2022

There is an Out-of-bounds array read vulnerability in the security storage module in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.

Out-of-bounds Read

The eID module has an out-of-bounds memory write vulnerability

CVE-2021-40021 7.5 - High - January 10, 2022

The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data confidentiality.

Memory Corruption

The weaver module has a vulnerability in parameter type verification

CVE-2021-40022 7.5 - High - January 10, 2022

The weaver module has a vulnerability in parameter type verification,Successful exploitation of this vulnerability may affect data confidentiality.

The eID module has a vulnerability

CVE-2021-40025 7.5 - High - January 10, 2022

The eID module has a vulnerability that causes the memory to be used without being initialized,Successful exploitation of this vulnerability may affect data confidentiality.

Improper Initialization

The Bluetooth module has an out-of-bounds write vulnerability

CVE-2021-40000 8.8 - High - January 10, 2022

The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end.

Memory Corruption

Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could lead to sensitive information disclosure.

CVE-2021-39980 5.3 - Medium - January 03, 2022

Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could lead to sensitive information disclosure.

Exposure of Resource to Wrong Sphere

Chang Lian application has a vulnerability which can be maliciously exploited to hide the calling number.Successful exploitation of this vulnerability

CVE-2021-39981 5.3 - Medium - January 03, 2022

Chang Lian application has a vulnerability which can be maliciously exploited to hide the calling number.Successful exploitation of this vulnerability allows you to make an anonymous call.

Phone Manager application has a Improper Privilege Management vulnerability.Successful exploitation of this vulnerability may read and write arbitrary files by tampering with Phone Manager notifications.

CVE-2021-39982 9.1 - Critical - January 03, 2022

Phone Manager application has a Improper Privilege Management vulnerability.Successful exploitation of this vulnerability may read and write arbitrary files by tampering with Phone Manager notifications.

Improper Privilege Management

The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

CVE-2021-39983 7.5 - High - January 03, 2022

The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

Huawei idap module has a Out-of-bounds Read vulnerability.Successful exploitation of this vulnerability may cause Denial of Service.

CVE-2021-39984 7.5 - High - January 03, 2022

Huawei idap module has a Out-of-bounds Read vulnerability.Successful exploitation of this vulnerability may cause Denial of Service.

Out-of-bounds Read

The HwNearbyMain module has a Improper Validation of Array Index vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

CVE-2021-39985 7.5 - High - January 03, 2022

The HwNearbyMain module has a Improper Validation of Array Index vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

out-of-bounds array index

The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

CVE-2021-39987 7.5 - High - January 03, 2022

The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

Object Type Confusion

The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

CVE-2021-39988 7.5 - High - January 03, 2022

The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

NULL Pointer Dereference

The HwNearbyMain module has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

CVE-2021-39989 7.5 - High - January 03, 2022

The HwNearbyMain module has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

Incorrect Type Conversion or Cast

The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience.

CVE-2021-39990 9.8 - Critical - January 03, 2022

The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience.

Memory Corruption

There is a Privilege escalation vulnerability with the file system component in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37113 7.5 - High - January 03, 2022

There is a Privilege escalation vulnerability with the file system component in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

Improper Privilege Management

There is a Double free vulnerability in Smartphone.Successful exploitation of this vulnerability may cause a kernel crash or privilege escalation.

CVE-2021-37120 9.8 - Critical - January 03, 2022

There is a Double free vulnerability in Smartphone.Successful exploitation of this vulnerability may cause a kernel crash or privilege escalation.

Double-free

There is a Configuration defects in Smartphone.Successful exploitation of this vulnerability may elevate the MEID (IMEI) permission.

CVE-2021-37121 9.8 - Critical - January 03, 2022

There is a Configuration defects in Smartphone.Successful exploitation of this vulnerability may elevate the MEID (IMEI) permission.

Improper Privilege Management

Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause confidentiality is affected.

CVE-2021-37125 7.5 - High - January 03, 2022

Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause confidentiality is affected.

Information Disclosure

There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37133 7.5 - High - January 03, 2022

There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

Exposure of Resource to Wrong Sphere

Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for invoking the interface of location-related components.

CVE-2021-37134 8.1 - High - January 03, 2022

Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for invoking the interface of location-related components.

Race Condition

There is an Uninitialized AOD driver structure in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39966 7.5 - High - January 03, 2022

There is an Uninitialized AOD driver structure in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

Missing Initialization of Resource

There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39967 7.5 - High - January 03, 2022

There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

Incorrect Default Permissions

Changlian Blocklist has a Business Logic Errors vulnerability .Successful exploitation of this vulnerability may expand the attack surface of the message class.

CVE-2021-39968 7.5 - High - January 03, 2022

Changlian Blocklist has a Business Logic Errors vulnerability .Successful exploitation of this vulnerability may expand the attack surface of the message class.

There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39969 7.5 - High - January 03, 2022

There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

Exposure of Resource to Wrong Sphere

HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission.

CVE-2021-39970 7.5 - High - January 03, 2022

HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission.

Directory traversal

Password vault has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.

CVE-2021-39971 7.5 - High - January 03, 2022

Password vault has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.

Externally Controlled Reference to a Resource in Another Sphere

MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.

CVE-2021-39972 7.5 - High - January 03, 2022

MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.

Exposure of Resource to Wrong Sphere

There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down.

CVE-2021-39973 7.5 - High - January 03, 2022

There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down.

NULL Pointer Dereference

There is an Out-of-bounds read in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39974 7.5 - High - January 03, 2022

There is an Out-of-bounds read in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

Out-of-bounds Read

Hilinksvc has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause denial of service attacks.

CVE-2021-39975 7.5 - High - January 03, 2022

Hilinksvc has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause denial of service attacks.

The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

CVE-2021-39977 7.5 - High - January 03, 2022

The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

NULL Pointer Dereference

Telephony application has a SQL Injection vulnerability.Successful exploitation of this vulnerability may cause privacy and security issues.

CVE-2021-39978 7.5 - High - January 03, 2022

Telephony application has a SQL Injection vulnerability.Successful exploitation of this vulnerability may cause privacy and security issues.

SQL Injection

HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may affect HHEE system integrity.

CVE-2021-39979 9.8 - Critical - January 03, 2022

HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may affect HHEE system integrity.

Code Injection

There is a Timing design defects in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37110 7.5 - High - January 03, 2022

There is a Timing design defects in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this vulnerability may cause memory exhaustion.

CVE-2021-37111 7.5 - High - January 03, 2022

There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this vulnerability may cause memory exhaustion.

Allocation of Resources Without Limits or Throttling

Hisuite module has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability may lead to Firmware leak.

CVE-2021-37112 5.3 - Medium - January 03, 2022

Hisuite module has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability may lead to Firmware leak.

Externally Controlled Reference to a Resource in Another Sphere

There is an Out-of-bounds read vulnerability in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37114 5.3 - Medium - January 03, 2022

There is an Out-of-bounds read vulnerability in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

Out-of-bounds Read

PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of this vulnerability may cause

CVE-2021-37116 9.1 - Critical - January 03, 2022

PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of this vulnerability may cause that the PIN of the subscriber is changed.

Improper Input Validation

There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.

CVE-2021-37117 7.5 - High - January 03, 2022

There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.

The HwNearbyMain module has a Improper Handling of Exceptional Conditions vulnerability.Successful exploitation of this vulnerability may lead to message leak.

CVE-2021-37118 5.3 - Medium - January 03, 2022

The HwNearbyMain module has a Improper Handling of Exceptional Conditions vulnerability.Successful exploitation of this vulnerability may lead to message leak.

Improper Handling of Exceptional Conditions

There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.

CVE-2021-37119 7.5 - High - January 03, 2022

There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.

Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause the directory is traversed.

CVE-2021-37126 7.5 - High - January 03, 2022

Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause the directory is traversed.

Directory traversal

HwPCAssistant has a Path Traversal vulnerability .Successful exploitation of this vulnerability may write any file.

CVE-2021-37128 9.8 - Critical - January 03, 2022

HwPCAssistant has a Path Traversal vulnerability .Successful exploitation of this vulnerability may write any file.

Directory traversal

PackageManagerService has a Permissions, Privileges, and Access Controls vulnerability .Successful exploitation of this vulnerability may cause

CVE-2021-37132 5.3 - Medium - January 03, 2022

PackageManagerService has a Permissions, Privileges, and Access Controls vulnerability .Successful exploitation of this vulnerability may cause that Third-party apps can obtain the complete list of Harmony apps without permission.

Incorrect Default Permissions

Hilinksvc service exists a Data Processing Errors vulnerability .Successful exploitation of this vulnerability may cause application crash.

CVE-2021-37098 7.5 - High - January 03, 2022

Hilinksvc service exists a Data Processing Errors vulnerability .Successful exploitation of this vulnerability may cause application crash.

There is a Service logic vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.

CVE-2021-37053 7.5 - High - December 08, 2021

There is a Service logic vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.

There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system restart.

CVE-2021-37097 7.5 - High - December 08, 2021

There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system restart.

Code Injection

There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers steal short messages.

CVE-2021-37093 5.3 - Medium - December 08, 2021

There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers steal short messages.

There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

CVE-2021-37092 7.5 - High - December 08, 2021

There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

Insufficient Cleanup

There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37054 7.5 - High - December 08, 2021

There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

authentification

There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause address information leakage.

CVE-2021-37052 7.5 - High - December 08, 2021

There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause address information leakage.

Improper Handling of Exceptional Conditions

There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access.

CVE-2021-37051 9.1 - Critical - December 08, 2021

There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access.

Out-of-bounds Read

There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37050 7.5 - High - December 08, 2021

There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

Missing Encryption of Sensitive Data

There is a Heap-based buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may rewrite the memory of adjacent objects.

CVE-2021-37049 9.8 - Critical - December 08, 2021

There is a Heap-based buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may rewrite the memory of adjacent objects.

Memory Corruption

There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart unexpectedly and the kernel-mode code to be executed.

CVE-2021-37045 9.8 - Critical - December 08, 2021

There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart unexpectedly and the kernel-mode code to be executed.

There is a Permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.

CVE-2021-37044 7.5 - High - December 08, 2021

There is a Permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.

Improper Preservation of Permissions

There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting.

CVE-2021-37040 9.8 - Critical - December 08, 2021

There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting.

Injection

There is an Invalid address access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart.

CVE-2021-37037 7.5 - High - December 08, 2021

There is an Invalid address access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart.

There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected.

CVE-2021-37075 7.5 - High - December 08, 2021

There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected.

Insufficiently Protected Credentials

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation.

CVE-2021-37074 8.1 - High - December 08, 2021

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation.

Race Condition

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

CVE-2021-37069 7.4 - High - December 08, 2021

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

Race Condition

There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Bluetooth DoS.

CVE-2021-37039 6.5 - Medium - December 08, 2021

There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Bluetooth DoS.

Improper Input Validation

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash.

CVE-2021-37066 7.5 - High - December 07, 2021

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash.

Out-of-bounds Read

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to device

CVE-2021-37014 7.5 - High - December 07, 2021

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to device cannot be used properly.

Integer Overflow or Wraparound

There is a Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Confidentiality impacted.

CVE-2021-37067 7.5 - High - December 07, 2021

There is a Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Confidentiality impacted.

Information Disclosure

There is a Resource Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to denial of Service Attacks.

CVE-2021-37068 7.5 - High - December 07, 2021

There is a Resource Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to denial of Service Attacks.

Resource Exhaustion

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash.

CVE-2021-37070 7.5 - High - December 07, 2021

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash.

Out-of-bounds Read

There is a Business Logic Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to persistent dos.

CVE-2021-37071 7.5 - High - December 07, 2021

There is a Business Logic Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to persistent dos.

There is a Incorrect Calculation of Buffer Size vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to memory crash.

CVE-2021-37072 7.5 - High - December 07, 2021

There is a Incorrect Calculation of Buffer Size vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to memory crash.

Double-free

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the detection result is tampered with.

CVE-2021-37073 3.7 - Low - December 07, 2021

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the detection result is tampered with.

Race Condition

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

CVE-2021-37076 7.5 - High - December 07, 2021

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

Out-of-bounds Read

There is a NULL Pointer Dereference vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to kernel crash.

CVE-2021-37077 7.5 - High - December 07, 2021

There is a NULL Pointer Dereference vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to kernel crash.

NULL Pointer Dereference

There is a Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to remote Denial of Service.

CVE-2021-37078 7.5 - High - December 07, 2021

There is a Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to remote Denial of Service.

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to fake visitors to control PC

CVE-2021-37048 7.5 - High - December 07, 2021

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to fake visitors to control PC,play a video,etc.

Improper Input Validation

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.

CVE-2021-37021 9.1 - Critical - December 07, 2021

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.

Improper Input Validation

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD), Icons by Icons8. Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.