Vulnerabilities > Huawei > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-07-06 CVE-2022-48511 Use After Free vulnerability in Huawei Emui and Harmonyos
Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions.
network
low complexity
huawei CWE-416
critical
 9.8
9.8
2023-07-06 CVE-2022-48512 Use After Free vulnerability in Huawei Emui and Harmonyos
Use After Free (UAF) vulnerability in the Vdecoderservice service.
network
low complexity
huawei CWE-416
critical
 9.8
9.8
2023-07-06 CVE-2022-48513 Authentication Bypass by Spoofing vulnerability in Huawei Emui and Harmonyos
Vulnerability of identity verification being bypassed in the Gallery module.
network
low complexity
huawei CWE-290
critical
 9.8
9.8
2023-07-06 CVE-2023-37240 Out-of-bounds Read vulnerability in Huawei Emui and Harmonyos
Vulnerability of missing input length verification in the distributed file system.
network
low complexity
huawei CWE-125
critical
 9.1
9.1
2023-07-06 CVE-2023-37242 Authorization Bypass Through User-Controlled Key vulnerability in Huawei Emui and Harmonyos
Vulnerability of commands from the modem being intercepted in the atcmdserver module.
network
low complexity
huawei CWE-639
critical
 9.8
9.8
2023-07-06 CVE-2023-37245 Classic Buffer Overflow vulnerability in Huawei Emui and Harmonyos
Buffer overflow vulnerability in the modem pinctrl module.
network
low complexity
huawei CWE-120
critical
 9.1
9.1
2023-07-05 CVE-2021-46891 Incorrect Authorization vulnerability in Huawei Emui and Harmonyos
Vulnerability of incomplete read and write permission verification in the GPU module.
network
low complexity
huawei CWE-863
critical
 9.8
9.8
2023-07-05 CVE-2023-3455 Exposure of Resource to Wrong Sphere vulnerability in Huawei Emui and Harmonyos
Key management vulnerability on system.
network
low complexity
huawei CWE-668
critical
 9.1
9.1
2023-07-05 CVE-2021-46890 Incorrect Authorization vulnerability in Huawei Emui and Harmonyos
Vulnerability of incomplete read and write permission verification in the GPU module.
network
low complexity
huawei CWE-863
critical
 9.8
9.8
2023-06-19 CVE-2023-34159 Unspecified vulnerability in Huawei Emui 13.0.0
Improper permission control vulnerability in the Notepad app.Successful exploitation of the vulnerability may lead to privilege escalation, which affects availability and confidentiality.
network
low complexity
huawei
critical
 9.8
9.8