Vulnerabilities > Huawei > Harmonyos > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-25 | CVE-2021-22441 | Integer Overflow or Wraparound vulnerability in Huawei Harmonyos Some Huawei products have an integer overflow vulnerability. | 5.5 |
| 2022-02-25 | CVE-2021-22478 | Use After Free vulnerability in Huawei Harmonyos The interface of a certain HarmonyOS module has a UAF vulnerability. | 5.5 |
| 2022-02-25 | CVE-2021-22479 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Harmonyos The interface of a certain HarmonyOS module has an invalid address access vulnerability. | 5.5 |
| 2022-02-09 | CVE-2021-40015 | Race Condition vulnerability in Huawei Emui, Harmonyos and Magic UI There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability. | 4.7 |
| 2022-02-09 | CVE-2021-40045 | Improper Verification of Cryptographic Signature vulnerability in Huawei Emui, Harmonyos and Magic UI There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality. | 5.5 |
| 2022-01-10 | CVE-2021-40001 | Path Traversal vulnerability in Huawei Harmonyos The CaasKit module has a path traversal vulnerability. | 5.3 |
| 2022-01-10 | CVE-2021-40003 | Path Traversal vulnerability in Huawei Harmonyos HwPCAssistant has a path traversal vulnerability. | 5.3 |
| 2022-01-10 | CVE-2021-40006 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Huawei Harmonyos 2.0 Vulnerability of design defects in the security algorithm component. | 4.6 |
| 2022-01-10 | CVE-2021-40009 | Out-of-bounds Write vulnerability in Huawei Emui, Harmonyos and Magic UI There is an Out-of-bounds write vulnerability in the AOD module in smartphones. | 5.3 |
| 2022-01-10 | CVE-2021-40037 | Type Confusion vulnerability in Huawei Emui, Harmonyos and Magic UI There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. | 5.5 |