Vulnerabilities > Huawei > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-07-06 CVE-2023-37240 Out-of-bounds Read vulnerability in Huawei Emui and Harmonyos
Vulnerability of missing input length verification in the distributed file system.
network
low complexity
huawei CWE-125
critical
 9.1
9.1
2023-07-06 CVE-2023-37242 Authorization Bypass Through User-Controlled Key vulnerability in Huawei Emui and Harmonyos
Vulnerability of commands from the modem being intercepted in the atcmdserver module.
network
low complexity
huawei CWE-639
critical
 9.8
9.8
2023-07-06 CVE-2023-37245 Classic Buffer Overflow vulnerability in Huawei Emui and Harmonyos
Buffer overflow vulnerability in the modem pinctrl module.
network
low complexity
huawei CWE-120
critical
 9.1
9.1
2023-07-05 CVE-2021-46891 Incorrect Authorization vulnerability in Huawei Emui and Harmonyos
Vulnerability of incomplete read and write permission verification in the GPU module.
network
low complexity
huawei CWE-863
critical
 9.8
9.8
2023-07-05 CVE-2023-3455 Exposure of Resource to Wrong Sphere vulnerability in Huawei Emui and Harmonyos
Key management vulnerability on system.
network
low complexity
huawei CWE-668
critical
 9.1
9.1
2023-07-05 CVE-2021-46890 Incorrect Authorization vulnerability in Huawei Emui and Harmonyos
Vulnerability of incomplete read and write permission verification in the GPU module.
network
low complexity
huawei CWE-863
critical
 9.8
9.8
2023-06-19 CVE-2023-34159 Unspecified vulnerability in Huawei Emui 13.0.0
Improper permission control vulnerability in the Notepad app.Successful exploitation of the vulnerability may lead to privilege escalation, which affects availability and confidentiality.
network
low complexity
huawei
critical
 9.8
9.8
2023-06-16 CVE-2022-48472 OS Command Injection vulnerability in Huawei Bisheng-Wnm Firmware and Ota-Bisheng Firmware
A Huawei printer has a system command injection vulnerability.
network
low complexity
huawei CWE-78
critical
 9.8
9.8
2023-05-26 CVE-2021-46887 Unspecified vulnerability in Huawei Emui 10.1.0/10.1.1/11.0.0
Lack of length check vulnerability in the HW_KEYMASTER module.
network
low complexity
huawei
critical
 9.8
9.8
2023-05-26 CVE-2022-48478 Unspecified vulnerability in Huawei Harmonyos 2.0
The facial recognition TA of some products lacks memory length verification.
network
low complexity
huawei
critical
 9.8
9.8