Vulnerabilities > Huawei > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-09-16 CVE-2022-39008 Deserialization of Untrusted Data vulnerability in Huawei Emui and Harmonyos
The NFC module has bundle serialization/deserialization vulnerabilities.
network
low complexity
huawei CWE-502
critical
 9.1
9.1
2022-09-16 CVE-2022-39009 Improper Authentication vulnerability in Huawei Emui and Harmonyos
The WLAN module has a vulnerability in permission verification.
network
low complexity
huawei CWE-287
critical
 9.8
9.8
2022-08-10 CVE-2022-37002 Unspecified vulnerability in Huawei Emui, Harmonyos and Magic UI
The SystemUI module has a privilege escalation vulnerability.
network
low complexity
huawei
critical
 9.8
9.8
2022-08-10 CVE-2022-37003 Incorrect Default Permissions vulnerability in Huawei Emui, Harmonyos and Magic UI
The AOD module has a vulnerability in permission assignment.
network
low complexity
huawei CWE-276
critical
 9.8
9.8
2022-08-10 CVE-2021-33643 Out-of-bounds Read vulnerability in multiple products
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.
network
low complexity
feep huawei fedoraproject CWE-125
critical
 9.1
9.1
2022-07-12 CVE-2022-34737 Incorrect Default Permissions vulnerability in Huawei Emui, Harmonyos and Magic UI
The application security module has a vulnerability in permission assignment.
network
low complexity
huawei CWE-276
critical
 9.1
9.1
2022-06-13 CVE-2022-29797 Classic Buffer Overflow vulnerability in Huawei Cv81-Wdm Firmware 01.70.49.29.46
There is a buffer overflow vulnerability in CV81-WDM FW 01.70.49.29.46.
network
low complexity
huawei CWE-120
critical
 9.8
9.8
2022-06-13 CVE-2021-40036 Out-of-bounds Write vulnerability in Huawei Harmonyos
The bone voice ID TA has a memory overwrite vulnerability.
network
low complexity
huawei CWE-787
critical
 9.8
9.8
2022-06-13 CVE-2022-31760 Unspecified vulnerability in Huawei Emui, Harmonyos and Magic UI
Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services.
network
low complexity
huawei
critical
 9.1
9.1
2022-05-13 CVE-2021-46786 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Emui, Harmonyos and Magic UI
The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access.
network
low complexity
huawei CWE-119
critical
 9.8
9.8