cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2020-36601,https://securityvulnerability.io/vulnerability/CVE-2020-36601,Out-of-Bounds Write Vulnerability in Huawei Kernel Modules,"An out-of-bounds write vulnerability exists within the kernel modules of Huawei products. This issue can be exploited to cause memory corruption, potentially leading to system crashes or panic reboots. Such vulnerabilities may increase the risk of unauthorized access or other malicious activities compromising system stability.",Huawei,"Emui,Magic Ui",7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2022-09-16T17:58:12.000Z,0
CVE-2020-36600,https://securityvulnerability.io/vulnerability/CVE-2020-36600,Out-of-Bounds Write Vulnerability in Power Consumption Module by Huawei,"An out-of-bounds write vulnerability exists within the power consumption module of Huawei devices. This flaw allows attackers to exploit the system, potentially leading to unexpected behavior such as system restarts. Ensuring that your systems are updated to the latest version is critical to protect against this vulnerability.",Huawei,"Emui,Magic Ui",7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2022-09-16T17:58:09.000Z,0
CVE-2022-39003,https://securityvulnerability.io/vulnerability/CVE-2022-39003,Buffer Overflow in Video Framework Affects Huawei Products,"A buffer overflow vulnerability exists in the video framework used by Huawei products. This flaw allows for potential exploitation that could compromise the confidentiality and integrity of the affected systems. By manipulating buffers, an attacker could execute arbitrary code or cause unexpected behavior, leading to unauthorized access or system disruption. Users are advised to implement available patches and follow best security practices to mitigate risks associated with this vulnerability.",Huawei,"Emui,Magic Ui",9.1,CRITICAL,0.00171999994199723,false,,false,false,false,,,false,false,,2022-09-16T17:58:06.000Z,0
CVE-2022-39001,https://securityvulnerability.io/vulnerability/CVE-2022-39001,Path Traversal Vulnerability in HarmonyOS Devices by Huawei,"A path traversal vulnerability exists in the number identification module of HarmonyOS, allowing attackers to craft malicious requests that could lead to unauthorized access to sensitive data. Successful exploitation of this flaw may result in data disclosure, posing a risk to the confidentiality of user information. Users are advised to apply security updates to mitigate potential threats.",Huawei,"Harmonyos,Emui,Magic Ui",7.5,HIGH,0.002400000113993883,false,,false,false,false,,,false,false,,2022-09-16T17:57:48.000Z,0
CVE-2022-38997,https://securityvulnerability.io/vulnerability/CVE-2022-38997,Configuration Defects in Secure OS Module Affecting Huawei Devices,The secure OS module in Huawei devices exhibits configuration defects that may be exploited to compromise data confidentiality. This vulnerability poses a risk as unauthorized access could lead to sensitive information being disclosed. Users should remain vigilant and apply any available security updates to safeguard their devices against potential attacks.,Huawei,"Harmonyos,Emui,Magic Ui",7.5,HIGH,0.0015800000401213765,false,,false,false,false,,,false,false,,2022-09-16T17:57:08.000Z,0
CVE-2022-38979,https://securityvulnerability.io/vulnerability/CVE-2022-38979,Configuration Defects in Huawei’s Secure OS Module,"The Secure OS module developed by Huawei contains configuration defects that can be exploited by attackers. This vulnerability has the potential to compromise data confidentiality, highlighting the importance of secure configurations in protecting sensitive information.",Huawei,"Harmonyos,Emui,Magic Ui",7.5,HIGH,0.0015800000401213765,false,,false,false,false,,,false,false,,2022-09-16T17:56:43.000Z,0
CVE-2022-38978,https://securityvulnerability.io/vulnerability/CVE-2022-38978,Configuration Defects in HarmonyOS Secure OS Module by Huawei,"The HarmonyOS secure OS module exhibits configuration deficiencies, which may lead to unauthorized access and compromise data confidentiality. This vulnerability indicates a need for better security practices within the OS's design to ensure user data remains protected from potential exploitation.",Huawei,"Harmonyos,Emui,Magic Ui",7.5,HIGH,0.0015800000401213765,false,,false,false,false,,,false,false,,2022-09-16T17:56:37.000Z,0
CVE-2022-39005,https://securityvulnerability.io/vulnerability/CVE-2022-39005,Memory Leak Vulnerability in MPTCP Module of Huawei Devices,"The MPTCP module in Huawei devices is affected by a memory leak vulnerability that may allow an attacker to exploit the system resulting in significant memory consumption issues. If successfully launched, this threat can lead to degraded performance and system instability, impacting the overall user experience. Users are advised to stay informed and apply patches as soon as they become available to mitigate potential risks.",Huawei,"Harmonyos,Emui,Magic Ui",7.5,HIGH,0.0010100000072270632,false,,false,false,false,,,false,false,,2022-09-16T17:56:07.000Z,0
CVE-2022-39004,https://securityvulnerability.io/vulnerability/CVE-2022-39004,Memory Leak Vulnerability in MPTCP Module of Huawei Products,"The MPTCP module in Huawei's software has been identified to have a memory leak vulnerability. Exploitation of this flaw may allow unauthorized access to memory resources, potentially leading to performance degradation and stability issues in affected devices. Users are advised to apply the necessary security updates to mitigate risks associated with this vulnerability.",Huawei,"Harmonyos,Emui,Magic Ui",7.5,HIGH,0.0010100000072270632,false,,false,false,false,,,false,false,,2022-09-16T17:56:03.000Z,0
CVE-2022-39006,https://securityvulnerability.io/vulnerability/CVE-2022-39006,Race Condition Vulnerability in MPTCP Module of HarmonyOS Devices,"The MPTCP (Multipath Transmission Control Protocol) module in HarmonyOS has a vulnerability that may allow a race condition to occur. If exploited, this vulnerability can lead to unintended device behavior, including potential restarts, impacting the usability and stability of affected devices. Users and administrators should stay informed about this issue and apply necessary updates to mitigate risks.",Huawei,"Harmonyos,Emui,Magic Ui",5.9,MEDIUM,0.0010100000072270632,false,,false,false,false,,,false,false,,2022-09-16T17:55:56.000Z,0
CVE-2022-39000,https://securityvulnerability.io/vulnerability/CVE-2022-39000,Malicious App Management Flaw in iAware Module by Huawei,"The iAware module developed by Huawei contains a security flaw that compromises the management of malicious applications. Exploiting this vulnerability allows a malicious app to automatically execute during system startup, potentially putting user data and device integrity at risk. This security issue necessitates immediate attention from users to mitigate potential threats and maintain device security.",Huawei,"Harmonyos,Emui,Magic Ui",9.8,CRITICAL,0.0022100000642240047,false,,false,false,false,,,false,false,,2022-09-16T17:55:46.000Z,0
CVE-2022-39002,https://securityvulnerability.io/vulnerability/CVE-2022-39002,Double Free Vulnerability in Huawei Storage Module,"This vulnerability in Huawei's storage module allows for a double free condition, where the memory can be inadvertently freed multiple times. This issue arises during the management of memory resources and could lead to potential exploitation by attackers, causing unstable application behavior or system crashes. It is crucial for users of affected products to apply patches and updates to mitigate any risks associated with this issue.",Huawei,Harmonyos;emui;magic Ui,9.8,CRITICAL,0.0022100000642240047,false,,false,false,false,,,false,false,,2022-09-16T00:00:00.000Z,0
CVE-2022-37008,https://securityvulnerability.io/vulnerability/CVE-2022-37008,Update Package Verification Bypass in Huawei HarmonyOS Devices,A vulnerability exists in the recovery module of Huawei HarmonyOS that allows attackers to bypass the verification process of update packages. This exploitation can lead to compromised system integrity and potentially destabilize the device's functionality. Users are strongly advised to keep their devices updated and monitor security bulletins for patched versions to mitigate this risk.,Huawei,"Harmonyos,Emui,Magic Ui",7.5,HIGH,0.0010100000072270632,false,,false,false,false,,,false,false,,2022-08-10T20:16:00.000Z,0
CVE-2022-37007,https://securityvulnerability.io/vulnerability/CVE-2022-37007,Out-of-Bounds Read Vulnerability in Chinadrm Module of Huawei Devices,The chinadrm module in Huawei devices contains an out-of-bounds read vulnerability that may allow attackers to access unauthorized memory locations. This situation can lead to potential availability issues for users and negatively impacts the overall security posture of the affected devices. Ensuring timely updates and patches is essential to mitigate the risks associated with this vulnerability.,Huawei,"Harmonyos,Emui,Magic Ui",7.5,HIGH,0.0010100000072270632,false,,false,false,false,,,false,false,,2022-08-10T20:16:00.000Z,0
CVE-2022-37005,https://securityvulnerability.io/vulnerability/CVE-2022-37005,Argument Injection Vulnerability in Huawei Settings Application,"The Settings application in Huawei devices possesses an argument injection vulnerability that could potentially compromise data confidentiality. When exploited, this vulnerability allows unauthorized access to sensitive data, thereby impacting user privacy and security. It is essential for users and administrators to be aware of this issue and ensure their devices are updated to protect against potential exploitation.",Huawei,"Harmonyos,Emui,Magic Ui",7.5,HIGH,0.0015800000401213765,false,,false,false,false,,,false,false,,2022-08-10T20:16:00.000Z,0
CVE-2022-37002,https://securityvulnerability.io/vulnerability/CVE-2022-37002,Privilege Escalation Vulnerability in Huawei's SystemUI Module,"A vulnerability has been identified in Huawei's SystemUI module, which can be exploited by malicious applications to gain unauthorized privileges. When successfully exploited, this vulnerability allows attackers to create pop-up windows or run processes in the background, posing serious security risks to the affected HarmonyOS devices and Huawei smartphones. Users are advised to apply updates from Huawei to mitigate potential threats.",Huawei,"Harmonyos,Emui,Magic Ui",9.8,CRITICAL,0.0022100000642240047,false,,false,false,false,,,false,false,,2022-08-10T20:16:00.000Z,0
CVE-2022-37003,https://securityvulnerability.io/vulnerability/CVE-2022-37003,Permission Escalation Vulnerability in Huawei AOD Module,"The AOD module from Huawei contains a vulnerability related to improper permission assignment. An attacker exploiting this weakness may gain escalated privileges, enabling unauthorized access to sensitive files. This flaw poses a significant risk, warranting immediate attention from users and administrators to apply appropriate security measures.",Huawei,"Harmonyos,Emui,Magic Ui",9.8,CRITICAL,0.0022100000642240047,false,,false,false,false,,,false,false,,2022-08-10T20:16:00.000Z,0
CVE-2022-37004,https://securityvulnerability.io/vulnerability/CVE-2022-37004,Bypass Flaw in Settings Application of HarmonyOS by Huawei,"The Settings application of HarmonyOS contains a bypass vulnerability that compromises the out-of-box experience (OOBE). Exploiting this flaw could potentially disrupt the availability of the impacted devices, leading to an impaired user experience. Users are encouraged to update their systems to mitigate risks associated with this vulnerability.",Huawei,"Harmonyos,Emui,Magic Ui",7.5,HIGH,0.0010100000072270632,false,,false,false,false,,,false,false,,2022-08-10T20:16:00.000Z,0
CVE-2021-40040,https://securityvulnerability.io/vulnerability/CVE-2021-40040,Data Storage Vulnerability in HarmonyOS Devices by Huawei,"A vulnerability in the HW_KEYMASTER module allows unauthorized data writing to arbitrary memory addresses in HarmonyOS devices. This exposure could lead to significant risks regarding data confidentiality. Exploit scenarios may result in sensitive information being compromised, thus posing a threat to user privacy and security.",Huawei,Harmonyos;emui;magic Ui,7.5,HIGH,0.0015800000401213765,false,,false,false,false,,,false,false,,2022-08-10T20:15:00.000Z,0
CVE-2021-40030,https://securityvulnerability.io/vulnerability/CVE-2021-40030,Data Confidentiality Vulnerability in My HUAWEI App,"The My HUAWEI app contains a design flaw that may compromise data confidentiality. Exploiting this vulnerability could allow unauthorized access to sensitive information, thereby posing a potential threat to user privacy and security.",Huawei,"Harmonyos,Emui,Magic Ui",7.5,HIGH,0.0015800000401213765,false,,false,false,false,,,false,false,,2022-08-10T20:15:00.000Z,0
CVE-2021-40034,https://securityvulnerability.io/vulnerability/CVE-2021-40034,Memory Overwriting Vulnerability in Video Framework from Huawei,"A vulnerability in the video framework utilized by Huawei products allows for memory overwriting due to an addition overflow. This issue can lead to disruptions in service, affecting availability. Successful exploitation could potentially compromise the integrity and stability of the application, highlighting the need for immediate attention and updates.",Huawei,"Harmonyos,Emui,Magic Ui",7.5,HIGH,0.0010100000072270632,false,,false,false,false,,,false,false,,2022-08-10T20:15:00.000Z,0
CVE-2022-34743,https://securityvulnerability.io/vulnerability/CVE-2022-34743,Out-of-Bounds Read Vulnerability in Huawei USB Port AT Commands,"The vulnerability affecting Huawei devices occurs within the AT commands of the USB port, which can lead to an out-of-bounds read. This flaw may allow malicious actors to exploit the system, potentially impacting its availability. Addressing this issue is critical to ensure the security and performance of affected devices.",Huawei,"Harmonyos,Emui,Magic Ui",7.5,HIGH,0.0010100000072270632,false,,false,false,false,,,false,false,,2022-07-12T14:15:00.000Z,0
CVE-2021-40016,https://securityvulnerability.io/vulnerability/CVE-2021-40016,Improper Permission Control in Bluetooth Module Affecting Huawei Products,"This vulnerability arises from insufficient permission controls within the Bluetooth module of Huawei devices. It allows unauthorized access to sensitive data, potentially exposing user information and compromising confidentiality. Ensuring security patches are applied is crucial to mitigate risks associated with this vulnerability.",Huawei,"Emui,Magic Ui",6.5,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2022-07-12T14:15:00.000Z,0
CVE-2021-40012,https://securityvulnerability.io/vulnerability/CVE-2021-40012,Pointer Mismanagement in Video Framework of Huawei Devices,"A vulnerability exists in Huawei's video framework where pointers are incorrectly used during data transmission. This mismanagement can result in severe implications for data confidentiality, potentially allowing unauthorized access to sensitive information during video processing operations. Users of affected Huawei devices should be aware of this issue and consider the necessary updates and measures as explained in the security bulletins.",Huawei,"Harmonyos,Emui,Magic Ui",7.5,HIGH,0.001509999972768128,false,,false,false,false,,,false,false,,2022-07-12T14:15:00.000Z,0
CVE-2022-34739,https://securityvulnerability.io/vulnerability/CVE-2022-34739,Overflow Vulnerability in Fingerprint Module of Huawei Devices,"The fingerprint module within certain Huawei devices is susceptible to an overflow vulnerability due to arithmetic addition operations. When exploited, this flaw may allow an attacker to gain access to sensitive data from unallocated memory addresses, potentially leading to unauthorized data exposure. Users of affected Huawei devices should prioritize patching to mitigate this risk.",Huawei,"Harmonyos,Emui,Magic Ui",7.5,HIGH,0.0015800000401213765,false,,false,false,false,,,false,false,,2022-07-12T14:15:00.000Z,0