Huawei Harmonyos

The Bluetooth module has an out-of-bounds write vulnerability

CVE-2021-40000 8.8 - High - January 10, 2022

The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end.

Memory Corruption

The eID module has a vulnerability

CVE-2021-40025 7.5 - High - January 10, 2022

The eID module has a vulnerability that causes the memory to be used without being initialized,Successful exploitation of this vulnerability may affect data confidentiality.

Improper Initialization

The weaver module has a vulnerability in parameter type verification

CVE-2021-40022 7.5 - High - January 10, 2022

The weaver module has a vulnerability in parameter type verification,Successful exploitation of this vulnerability may affect data confidentiality.

The eID module has an out-of-bounds memory write vulnerability

CVE-2021-40021 7.5 - High - January 10, 2022

The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data confidentiality.

Memory Corruption

The eID module has a null pointer reference vulnerability

CVE-2021-40018 7.5 - High - January 10, 2022

The eID module has a null pointer reference vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

NULL Pointer Dereference

The bone voice ID trusted application (TA) has a heap overflow vulnerability

CVE-2021-40014 7.5 - High - January 10, 2022

The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

Memory Corruption

The bone voice ID trusted application (TA) has a heap overflow vulnerability

CVE-2021-40010 9.8 - Critical - January 10, 2022

The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful exploitation of this vulnerability may result in malicious code execution.

Memory Corruption

There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones

CVE-2021-39998 7.5 - High - January 10, 2022

There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.

There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones

CVE-2021-39996 9.8 - Critical - January 10, 2022

There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow.

Memory Corruption

There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones

CVE-2021-40029 7.5 - High - January 10, 2022

There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.

Classic Buffer Overflow

The eID module has an out-of-bounds memory write vulnerability

CVE-2021-40028 7.5 - High - January 10, 2022

The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data integrity.

Memory Corruption

The bone voice ID TA has a vulnerability in calculating the buffer length

CVE-2021-40027 7.5 - High - January 10, 2022

The bone voice ID TA has a vulnerability in calculating the buffer length,Successful exploitation of this vulnerability may affect data confidentiality.

Buffer Overflow

There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones

CVE-2021-40026 7.5 - High - January 10, 2022

There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.

Memory Corruption

The fingerprint module has a security risk of brute force cracking

CVE-2021-40006 4.6 - Medium - January 10, 2022

The fingerprint module has a security risk of brute force cracking. Successful exploitation of this vulnerability may affect data confidentiality.

Inadequate Encryption Strength

There is a Null pointer dereference vulnerability in the camera module in smartphones

CVE-2021-40039 7.5 - High - January 10, 2022

There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.

NULL Pointer Dereference

There is a Double free vulnerability in the AOD module in smartphones

CVE-2021-40038 7.5 - High - January 10, 2022

There is a Double free vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.

Double-free

There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones

CVE-2021-40037 5.5 - Medium - January 10, 2022

There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.

Object Type Confusion

There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones

CVE-2021-40035 7.5 - High - January 10, 2022

There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.

Classic Buffer Overflow

The bone voice ID TA has a vulnerability in information management

CVE-2021-40032 7.5 - High - January 10, 2022

The bone voice ID TA has a vulnerability in information management,Successful exploitation of this vulnerability may affect data confidentiality.

There is an Out-of-bounds write vulnerability in the AOD module in smartphones

CVE-2021-40009 5.3 - Medium - January 10, 2022

There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.

Memory Corruption

The distributed data service component has a vulnerability in data access control

CVE-2021-40005 7.5 - High - January 10, 2022

The distributed data service component has a vulnerability in data access control. Successful exploitation of this vulnerability may affect data confidentiality.

Exposure of Resource to Wrong Sphere

The cellular module has a vulnerability in permission management

CVE-2021-40004 7.5 - High - January 10, 2022

The cellular module has a vulnerability in permission management. Successful exploitation of this vulnerability may affect data confidentiality.

Incorrect Default Permissions

HwPCAssistant has a path traversal vulnerability

CVE-2021-40003 5.3 - Medium - January 10, 2022

HwPCAssistant has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

Directory traversal

The Bluetooth module has an out-of-bounds write vulnerability

CVE-2021-40002 8.8 - High - January 10, 2022

The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end.

Memory Corruption

The CaasKit module has a path traversal vulnerability

CVE-2021-40001 5.3 - Medium - January 10, 2022

The CaasKit module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the MeeTime application to be unavailable.

Directory traversal

Hilinksvc service exists a Data Processing Errors vulnerability .Successful exploitation of this vulnerability may cause application crash.

CVE-2021-37098 7.5 - High - January 03, 2022

Hilinksvc service exists a Data Processing Errors vulnerability .Successful exploitation of this vulnerability may cause application crash.

PackageManagerService has a Permissions, Privileges, and Access Controls vulnerability .Successful exploitation of this vulnerability may cause

CVE-2021-37132 5.3 - Medium - January 03, 2022

PackageManagerService has a Permissions, Privileges, and Access Controls vulnerability .Successful exploitation of this vulnerability may cause that Third-party apps can obtain the complete list of Harmony apps without permission.

Incorrect Default Permissions

HwPCAssistant has a Path Traversal vulnerability .Successful exploitation of this vulnerability may write any file.

CVE-2021-37128 9.8 - Critical - January 03, 2022

HwPCAssistant has a Path Traversal vulnerability .Successful exploitation of this vulnerability may write any file.

Directory traversal

Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause the directory is traversed.

CVE-2021-37126 7.5 - High - January 03, 2022

Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause the directory is traversed.

Directory traversal

There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.

CVE-2021-37119 7.5 - High - January 03, 2022

There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.

The HwNearbyMain module has a Improper Handling of Exceptional Conditions vulnerability.Successful exploitation of this vulnerability may lead to message leak.

CVE-2021-37118 5.3 - Medium - January 03, 2022

The HwNearbyMain module has a Improper Handling of Exceptional Conditions vulnerability.Successful exploitation of this vulnerability may lead to message leak.

Improper Handling of Exceptional Conditions

There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.

CVE-2021-37117 7.5 - High - January 03, 2022

There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.

PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of this vulnerability may cause

CVE-2021-37116 9.1 - Critical - January 03, 2022

PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of this vulnerability may cause that the PIN of the subscriber is changed.

Improper Input Validation

There is an Out-of-bounds read vulnerability in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37114 5.3 - Medium - January 03, 2022

There is an Out-of-bounds read vulnerability in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

Out-of-bounds Read

Hisuite module has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability may lead to Firmware leak.

CVE-2021-37112 5.3 - Medium - January 03, 2022

Hisuite module has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability may lead to Firmware leak.

Externally Controlled Reference to a Resource in Another Sphere

There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this vulnerability may cause memory exhaustion.

CVE-2021-37111 7.5 - High - January 03, 2022

There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this vulnerability may cause memory exhaustion.

Allocation of Resources Without Limits or Throttling

There is a Timing design defects in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37110 7.5 - High - January 03, 2022

There is a Timing design defects in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may affect HHEE system integrity.

CVE-2021-39979 9.8 - Critical - January 03, 2022

HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may affect HHEE system integrity.

Code Injection

Telephony application has a SQL Injection vulnerability.Successful exploitation of this vulnerability may cause privacy and security issues.

CVE-2021-39978 7.5 - High - January 03, 2022

Telephony application has a SQL Injection vulnerability.Successful exploitation of this vulnerability may cause privacy and security issues.

SQL Injection

The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

CVE-2021-39977 7.5 - High - January 03, 2022

The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

NULL Pointer Dereference

Hilinksvc has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause denial of service attacks.

CVE-2021-39975 7.5 - High - January 03, 2022

Hilinksvc has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause denial of service attacks.

There is an Out-of-bounds read in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39974 7.5 - High - January 03, 2022

There is an Out-of-bounds read in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

Out-of-bounds Read

There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down.

CVE-2021-39973 7.5 - High - January 03, 2022

There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down.

NULL Pointer Dereference

MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.

CVE-2021-39972 7.5 - High - January 03, 2022

MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.

Exposure of Resource to Wrong Sphere

Password vault has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.

CVE-2021-39971 7.5 - High - January 03, 2022

Password vault has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.

Externally Controlled Reference to a Resource in Another Sphere

HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission.

CVE-2021-39970 7.5 - High - January 03, 2022

HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission.

Directory traversal

There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39969 7.5 - High - January 03, 2022

There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

Exposure of Resource to Wrong Sphere

Changlian Blocklist has a Business Logic Errors vulnerability .Successful exploitation of this vulnerability may expand the attack surface of the message class.

CVE-2021-39968 7.5 - High - January 03, 2022

Changlian Blocklist has a Business Logic Errors vulnerability .Successful exploitation of this vulnerability may expand the attack surface of the message class.

There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39967 7.5 - High - January 03, 2022

There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

Incorrect Default Permissions

There is an Uninitialized AOD driver structure in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39966 7.5 - High - January 03, 2022

There is an Uninitialized AOD driver structure in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

Missing Initialization of Resource

Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for invoking the interface of location-related components.

CVE-2021-37134 8.1 - High - January 03, 2022

Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for invoking the interface of location-related components.

Race Condition

There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37133 7.5 - High - January 03, 2022

There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

Exposure of Resource to Wrong Sphere

Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause confidentiality is affected.

CVE-2021-37125 7.5 - High - January 03, 2022

Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause confidentiality is affected.

Information Disclosure

There is a Privilege escalation vulnerability with the file system component in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37113 7.5 - High - January 03, 2022

There is a Privilege escalation vulnerability with the file system component in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

Improper Privilege Management

The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience.

CVE-2021-39990 9.8 - Critical - January 03, 2022

The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience.

Memory Corruption

The HwNearbyMain module has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

CVE-2021-39989 7.5 - High - January 03, 2022

The HwNearbyMain module has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

Incorrect Type Conversion or Cast

The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

CVE-2021-39988 7.5 - High - January 03, 2022

The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

NULL Pointer Dereference

The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

CVE-2021-39987 7.5 - High - January 03, 2022

The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

Object Type Confusion

The HwNearbyMain module has a Improper Validation of Array Index vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

CVE-2021-39985 7.5 - High - January 03, 2022

The HwNearbyMain module has a Improper Validation of Array Index vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

out-of-bounds array index

Huawei idap module has a Out-of-bounds Read vulnerability.Successful exploitation of this vulnerability may cause Denial of Service.

CVE-2021-39984 7.5 - High - January 03, 2022

Huawei idap module has a Out-of-bounds Read vulnerability.Successful exploitation of this vulnerability may cause Denial of Service.

Out-of-bounds Read

The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

CVE-2021-39983 7.5 - High - January 03, 2022

The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

Phone Manager application has a Improper Privilege Management vulnerability.Successful exploitation of this vulnerability may read and write arbitrary files by tampering with Phone Manager notifications.

CVE-2021-39982 9.1 - Critical - January 03, 2022

Phone Manager application has a Improper Privilege Management vulnerability.Successful exploitation of this vulnerability may read and write arbitrary files by tampering with Phone Manager notifications.

Improper Privilege Management

Chang Lian application has a vulnerability which can be maliciously exploited to hide the calling number.Successful exploitation of this vulnerability

CVE-2021-39981 5.3 - Medium - January 03, 2022

Chang Lian application has a vulnerability which can be maliciously exploited to hide the calling number.Successful exploitation of this vulnerability allows you to make an anonymous call.

Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could lead to sensitive information disclosure.

CVE-2021-39980 5.3 - Medium - January 03, 2022

Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could lead to sensitive information disclosure.

Exposure of Resource to Wrong Sphere

There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system restart.

CVE-2021-37097 7.5 - High - December 08, 2021

There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system restart.

Code Injection

There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers steal short messages.

CVE-2021-37093 5.3 - Medium - December 08, 2021

There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers steal short messages.

There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

CVE-2021-37092 7.5 - High - December 08, 2021

There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

Insufficient Cleanup

There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37054 7.5 - High - December 08, 2021

There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

authentification

There is a Service logic vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.

CVE-2021-37053 7.5 - High - December 08, 2021

There is a Service logic vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.

There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause address information leakage.

CVE-2021-37052 7.5 - High - December 08, 2021

There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause address information leakage.

Improper Handling of Exceptional Conditions

There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access.

CVE-2021-37051 9.1 - Critical - December 08, 2021

There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access.

Out-of-bounds Read

There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37050 7.5 - High - December 08, 2021

There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

Missing Encryption of Sensitive Data

There is a Heap-based buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may rewrite the memory of adjacent objects.

CVE-2021-37049 9.8 - Critical - December 08, 2021

There is a Heap-based buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may rewrite the memory of adjacent objects.

Memory Corruption

There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart unexpectedly and the kernel-mode code to be executed.

CVE-2021-37045 9.8 - Critical - December 08, 2021

There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart unexpectedly and the kernel-mode code to be executed.

There is a Permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.

CVE-2021-37044 7.5 - High - December 08, 2021

There is a Permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.

Improper Preservation of Permissions

There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting.

CVE-2021-37040 9.8 - Critical - December 08, 2021

There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting.

Injection

There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Bluetooth DoS.

CVE-2021-37039 6.5 - Medium - December 08, 2021

There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Bluetooth DoS.

Improper Input Validation

There is an Invalid address access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart.

CVE-2021-37037 7.5 - High - December 08, 2021

There is an Invalid address access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart.

There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected.

CVE-2021-37075 7.5 - High - December 08, 2021

There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected.

Insufficiently Protected Credentials

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation.

CVE-2021-37074 8.1 - High - December 08, 2021

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation.

Race Condition

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

CVE-2021-37069 7.4 - High - December 08, 2021

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

Race Condition

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.

CVE-2021-37011 9.1 - Critical - December 07, 2021

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.

Memory Corruption

There is a Improper Validation of Array Index vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to restart the phone.

CVE-2021-37057 7.5 - High - December 07, 2021

There is a Improper Validation of Array Index vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to restart the phone.

out-of-bounds array index

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to fake visitors to control PC

CVE-2021-37048 7.5 - High - December 07, 2021

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to fake visitors to control PC,play a video,etc.

Improper Input Validation

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious application processes occupy system resources.

CVE-2021-37043 7.5 - High - December 07, 2021

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious application processes occupy system resources.

authentification

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.

CVE-2021-37021 9.1 - Critical - December 07, 2021

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.

Improper Input Validation

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.

CVE-2021-37020 9.1 - Critical - December 07, 2021

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.

Improper Input Validation

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to device

CVE-2021-37014 7.5 - High - December 07, 2021

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to device cannot be used properly.

Integer Overflow or Wraparound

There is a Improper Authentication vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to account authentication bypassed.

CVE-2021-37100 7.5 - High - December 07, 2021

There is a Improper Authentication vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to account authentication bypassed.

authentification

There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete any file.

CVE-2021-37099 9.1 - Critical - December 07, 2021

There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete any file.

Directory traversal

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system denial of service.

CVE-2021-37094 7.5 - High - December 07, 2021

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system denial of service.

Improper Input Validation

There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers

CVE-2021-37088 9.1 - Critical - December 07, 2021

There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers can write any content to any file.

Directory traversal

There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers

CVE-2021-37087 9.1 - Critical - December 07, 2021

There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers can create arbitrary file.

Directory traversal

There is a Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to remote Denial of Service.

CVE-2021-37078 7.5 - High - December 07, 2021

There is a Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to remote Denial of Service.

There is a NULL Pointer Dereference vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to kernel crash.

CVE-2021-37077 7.5 - High - December 07, 2021

There is a NULL Pointer Dereference vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to kernel crash.

NULL Pointer Dereference

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

CVE-2021-37076 7.5 - High - December 07, 2021

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

Out-of-bounds Read

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the detection result is tampered with.

CVE-2021-37073 3.7 - Low - December 07, 2021

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the detection result is tampered with.

Race Condition

There is a Incorrect Calculation of Buffer Size vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to memory crash.

CVE-2021-37072 7.5 - High - December 07, 2021

There is a Incorrect Calculation of Buffer Size vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to memory crash.

Double-free

There is a Business Logic Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to persistent dos.

CVE-2021-37071 7.5 - High - December 07, 2021

There is a Business Logic Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to persistent dos.

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash.

CVE-2021-37070 7.5 - High - December 07, 2021

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash.

Out-of-bounds Read