cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-54121,https://securityvulnerability.io/vulnerability/CVE-2024-54121,Startup Control Vulnerability in Ability Module Affecting Huawei Products,"The vulnerability in the Ability module allows for a startup control issue that could lead to abnormal performance of features within affected Huawei products. Exploiting this flaw may result in unintended behavior, impacting the functionality and user experience. Users are encouraged to apply the latest patches as recommended.",Huawei,Harmonyos,6.2,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T03:24:36.500Z,0
CVE-2024-56456,https://securityvulnerability.io/vulnerability/CVE-2024-56456,Input Parameter Validation Flaw in 3D Engine Module Affects Huawei Products,"A vulnerability exists in the 3D engine module due to insufficient verification of input parameters during the loading of glTF models. Exploitation of this issue could potentially disrupt system availability, making it essential for users to apply security measures and updates as recommended by Huawei.",Huawei,Harmonyos,6.8,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T03:23:40.211Z,0
CVE-2024-56455,https://securityvulnerability.io/vulnerability/CVE-2024-56455,Input Parameter Validation Flaw in 3D Engine by Huawei,"A vulnerability exists in Huawei's 3D engine module due to improper validation of input parameters during glTF model loading. This flaw could potentially allow an attacker to manipulate input parameters, leading to availability issues within the affected systems. Proper input validation mechanisms are essential to prevent the exploitation of this vulnerability and safeguard the integrity of 3D rendering processes.",Huawei,Harmonyos,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T03:22:45.758Z,0
CVE-2024-56454,https://securityvulnerability.io/vulnerability/CVE-2024-56454,Input Parameter Verification Flaw in 3D Engine Module by Huawei,"A vulnerability exists in Huawei's 3D engine module due to inadequate verification of input parameters during the loading of glTF models. This weakness can be exploited to affect the system's availability, potentially leading to disruptions in service. It is essential for users and administrators to address this issue promptly to mitigate risks associated with the processing of 3D models.",Huawei,Harmonyos,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T03:21:46.204Z,0
CVE-2024-56453,https://securityvulnerability.io/vulnerability/CVE-2024-56453,Input Parameter Validation Flaw in Huawei's 3D Engine Module,"A vulnerability exists in Huawei's 3D Engine Module where input parameters are not properly validated during the loading of glTF models. This flaw could potentially lead to disruptions in service availability, allowing malicious actors to manipulate model loading processes. Ensuring rigorous input validation is essential to mitigate the risks associated with this vulnerability.",Huawei,Harmonyos,6.8,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T03:18:32.152Z,0
CVE-2024-56452,https://securityvulnerability.io/vulnerability/CVE-2024-56452,Input Parameter Verification Issue in Huawei's 3D Engine Module,"This vulnerability arises from the failure to adequately verify input parameters during the loading of glTF models in Huawei's 3D engine module. As a result, attackers could exploit this flaw to potentially disrupt system availability by injecting malicious input, ultimately affecting the application’s performance and user experience. Proper input validation mechanisms are crucial to prevent such exploits and ensure the integrity of the 3D engine operations.",Huawei,Harmonyos,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T03:17:19.704Z,0
CVE-2024-56451,https://securityvulnerability.io/vulnerability/CVE-2024-56451,Integer Overflow Vulnerability in 3D Engine Module by Huawei,"An integer overflow vulnerability has been identified during the loading of glTF models within Huawei's 3D engine module. This flaw can potentially hinder the availability of services reliant on the affected engine, allowing for possible exploitation by malicious entities. Proper mitigation strategies should be implemented to safeguard systems against potential disruptions.",Huawei,Harmonyos,7.3,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T03:16:10.615Z,0
CVE-2024-56450,https://securityvulnerability.io/vulnerability/CVE-2024-56450,Buffer Overflow Vulnerability in Huawei Driver Module,"A buffer overflow vulnerability has been identified in the driver module used by Huawei products. This flaw allows an attacker to exploit the system by overflowing the buffer, potentially leading to system instability and impacting availability. Mitigation measures are essential to safeguard against potential exploitation.",Huawei,"Harmonyos,Emui",6.3,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T03:14:51.159Z,0
CVE-2024-56449,https://securityvulnerability.io/vulnerability/CVE-2024-56449,Privilege Escalation Vulnerability in Huawei Account Module,"The vulnerability enables a user to gain elevated privileges within Huawei's Account module, potentially compromising service confidentiality. If exploited, it could allow unauthorized access to sensitive data and functionality, making it critical for affected users to apply the latest security patches promptly to mitigate the risk.",Huawei,"Harmonyos,Emui",6.6,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T03:13:25.971Z,0
CVE-2024-56448,https://securityvulnerability.io/vulnerability/CVE-2024-56448,Improper Access Control in Huawei Home Screen Widget Module,"The vulnerability involves improper access control mechanisms within the home screen widget module of Huawei devices. This flaw could lead to unauthorized access or exploitation, potentially compromising user security and affecting the availability of the affected systems. It underscores the importance of implementing robust access control measures in software development to safeguard users against potential attacks.",Huawei,"Harmonyos,Emui",6.7,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T03:11:56.159Z,0
CVE-2024-56447,https://securityvulnerability.io/vulnerability/CVE-2024-56447,Improper Permission Control in Huawei's Window Management Module,"The vulnerability involves improper permission control within Huawei's window management module. Exploiting this flaw could potentially compromise service confidentiality, allowing unauthorized access to sensitive information. Users are advised to update to the latest version as a precaution against possible exploitation. For detailed guidance, refer to Huawei's security bulletin.",Huawei,"Harmonyos,Emui",7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T03:03:11.490Z,0
CVE-2024-56446,https://securityvulnerability.io/vulnerability/CVE-2024-56446,Notification Module Vulnerability in Huawei Product,"A security issue exists in Huawei's Notification Module due to uninitialized variables. Failure to properly initialize these variables can lead to potential disruptions in service availability, allowing unauthorized access or manipulation of the system. Administrators should be aware of this vulnerability to mitigate any risks associated with the exploitation of uninitialized variables.",Huawei,Harmonyos,4,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T03:01:49.820Z,0
CVE-2024-56445,https://securityvulnerability.io/vulnerability/CVE-2024-56445,Instruction Authentication Bypass Vulnerability in Findnetwork Module by Huawei,"The Findnetwork module by Huawei has a vulnerability that allows for instruction authentication bypass. This flaw can result in abnormal performance of the module’s features, potentially compromising the integrity and functionality of systems relying on it. User actions may be manipulated without the proper authorization, posing significant risks to network security.",Huawei,Harmonyos,4.3,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T03:00:46.813Z,0
CVE-2024-56444,https://securityvulnerability.io/vulnerability/CVE-2024-56444,Cross-Process Screen Stack Vulnerability in Huawei UIExtension Module,"The UIExtension module developed by Huawei contains a cross-process screen stack vulnerability. This flaw allows an attacker to exploit the system, possibly leading to a compromise of service confidentiality. It is crucial for users to be aware of this vulnerability and apply the necessary security measures to protect their systems.",Huawei,Harmonyos,7.5,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T02:44:26.370Z,0
CVE-2024-56443,https://securityvulnerability.io/vulnerability/CVE-2024-56443,Cross-Process Screen Stack Flaw in UIExtension Module by Huawei,"The UIExtension module developed by Huawei contains a vulnerability that allows for cross-process screen stack attacks. Exploiting this flaw may compromise the confidentiality of sensitive services, enabling unauthorized access to information. Organizations using affected versions of the UIExtension module should implement immediate security measures to safeguard against potential exploitation.",Huawei,Harmonyos,6.2,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T02:37:31.730Z,0
CVE-2024-54120,https://securityvulnerability.io/vulnerability/CVE-2024-54120,Race Condition Vulnerability in Huawei Distributed Notification Module,"A race condition vulnerability exists in the distributed notification module developed by Huawei, potentially leading to abnormal functionality of the application. If exploited, this vulnerability can result in unpredictable behavior of features, causing disruptions in service and posing challenges for data integrity. Users and organizations using affected versions should prioritize mitigation strategies to secure their systems.",Huawei,Harmonyos,4.1,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T02:27:52.416Z,0
CVE-2024-56442,https://securityvulnerability.io/vulnerability/CVE-2024-56442,NFC Service Module Vulnerability in Huawei Devices,"The NFC service module in Huawei devices presents a vulnerability due to the insufficient implementation of native APIs. This flaw can lead to abnormal behavior of features that rely on the NFC service, potentially impacting user experience and device functionality. It is crucial for users and administrators to remain vigilant and keep their software updated to mitigate potential risks.",Huawei,"Harmonyos,Emui",5.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T02:20:03.579Z,0
CVE-2024-56441,https://securityvulnerability.io/vulnerability/CVE-2024-56441,Race Condition Vulnerability in Huawei's Bastet Module,"A race condition vulnerability exists within Huawei's Bastet module, which may allow attackers to exploit timing discrepancies in processes. This could lead to significant breaches affecting the confidentiality of services. It highlights the importance of implementing robust security measures to protect sensitive operations from potential timing attacks.",Huawei,"Harmonyos,Emui",4.1,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T02:12:46.961Z,0
CVE-2024-56440,https://securityvulnerability.io/vulnerability/CVE-2024-56440,Permission Control Vulnerability in Huawei Connectivity Module,"A permission control vulnerability exists in Huawei's Connectivity module that may allow unauthorized access to certain features. Successful exploitation could lead to abnormal functionality of these features, posing potential risks to user privacy and system integrity.",Huawei,"Harmonyos,Emui",6.2,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T02:08:46.885Z,0
CVE-2024-56439,https://securityvulnerability.io/vulnerability/CVE-2024-56439,Access Control Flaw in Huawei Identity Authentication Module,An access control vulnerability in Huawei's Identity Authentication Module may allow unauthorized access to sensitive service components. Successful exploitation can compromise the confidentiality of services by enabling attackers to bypass security controls. It is crucial for users and administrators to apply the necessary updates to mitigate potential risks associated with this vulnerability.,Huawei,Harmonyos,7.5,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T02:05:13.262Z,0
CVE-2024-56438,https://securityvulnerability.io/vulnerability/CVE-2024-56438,Improper Memory Address Protection in HUKS Module Affects Huawei Products,"The HUKS (Huawei Key Storage) module contains a vulnerability due to improper memory address protection. This flaw may allow attackers to exploit the system, potentially leading to unauthorized access or manipulation, ultimately impacting the availability of affected applications and services.",Huawei,"Harmonyos,Emui",6,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T02:04:06.730Z,0
CVE-2024-56437,https://securityvulnerability.io/vulnerability/CVE-2024-56437,Input Parameter Verification Flaw in Widget Framework Module by Huawei,A vulnerability exists in the widget framework module of Huawei products due to unverified input parameters. This flaw can potentially lead to unauthorized access and impact the availability of the affected products. Proper validation of inputs is crucial to prevent exploitation in applications relying on this framework.,Huawei,Harmonyos,5.7,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T02:01:27.893Z,0
CVE-2023-52955,https://securityvulnerability.io/vulnerability/CVE-2023-52955,Improper Authentication Vulnerability in ANS System Service Module by Huawei,"An improper authentication vulnerability exists in Huawei's ANS system service module, potentially allowing unauthorized access or abnormal feature performance. Successful exploitation could lead to severe impacts on system integrity and functionality, necessitating immediate attention and remediation.",Huawei,"Harmonyos,Emui",6.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T02:00:17.658Z,0
CVE-2023-52954,https://securityvulnerability.io/vulnerability/CVE-2023-52954,Improper Permission Control in Gallery Module of Huawei Devices,"The Gallery module in Huawei devices contains a vulnerability that arises from inadequate permission controls. This security flaw can be exploited to impact the availability of the service, potentially allowing unauthorized access or manipulation of gallery content. Users are advised to ensure their devices are updated and to follow best practices in cybersecurity to mitigate risks associated with this vulnerability.",Huawei,"Harmonyos,Emui",4.4,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T01:51:55.588Z,0
CVE-2023-52953,https://securityvulnerability.io/vulnerability/CVE-2023-52953,Path Traversal Flaw in Medialibrary Module by Huawei,"A path traversal vulnerability exists in the Medialibrary module developed by Huawei, which can be exploited to gain unauthorized access to file system paths. This can lead to a compromise of both integrity and confidentiality, allowing attackers to read sensitive files outside the intended directories. Organizations using this module should take immediate action to mitigate the risk.",Huawei,"Harmonyos,Emui",6.2,MEDIUM,0.0004400000034365803,false,false,false,false,false,false,false,2025-01-08T01:48:23.333Z,0