Huawei Harmonyos vulnerabilities

1,076 known vulnerabilities affecting huawei/harmonyos.

Total CVEs

1,076

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL138HIGH534MEDIUM365LOW39

Vulnerabilities

Page 21 of 54

CVE-2024-27895HIGHCVSS 7.5v4.0.02024-04-08

CVE-2024-27895 [HIGH] CWE-284 CVE-2024-27895: Vulnerability of permission control in the window module. Successful exploitation of this vulnerabil Vulnerability of permission control in the window module. Successful exploitation of this vulnerability may affect confidentiality.

nvd

CVE-2023-52537HIGHCVSS 7.5v2.0.0v2.1.0+3 more2024-04-08

CVE-2023-52537 [HIGH] CWE-280 CVE-2023-52537: Vulnerability of package name verification being bypassed in the HwIms module. Impact: Successful ex Vulnerability of package name verification being bypassed in the HwIms module. Impact: Successful exploitation of this vulnerability will affect availability.

nvd

CVE-2023-52545HIGHCVSS 7.5v3.0.0v3.1.0+1 more2024-04-08

CVE-2023-52545 [HIGH] CWE-276 CVE-2023-52545: Vulnerability of undefined permissions in the Calendar app. Impact: Successful exploitation of this Vulnerability of undefined permissions in the Calendar app. Impact: Successful exploitation of this vulnerability will affect availability.

nvd

CVE-2023-52549HIGHCVSS 7.5v2.0.0v2.1.0+3 more2024-04-08

CVE-2023-52549 [HIGH] CWE-120 CVE-2023-52549: Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of t Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

nvd

CVE-2023-52388HIGHCVSS 7.5v2.0.0v2.1.0+3 more2024-04-08

CVE-2023-52388 [HIGH] CWE-732 CVE-2023-52388: Permission control vulnerability in the clock module. Impact: Successful exploitation of this vulner Permission control vulnerability in the clock module. Impact: Successful exploitation of this vulnerability will affect availability.

nvd

CVE-2024-27897HIGHCVSS 7.5v2.0.0v3.0.0+2 more2024-04-08

CVE-2024-27897 [HIGH] CWE-200 CVE-2024-27897: Input verification vulnerability in the call module. Impact: Successful exploitation of this vulnera Input verification vulnerability in the call module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

nvd

CVE-2023-52359HIGHCVSS 7.5v2.0.0v2.1.0+3 more2024-04-08

CVE-2023-52359 [HIGH] CWE-285 CVE-2023-52359: Vulnerability of permission verification in some APIs in the ActivityTaskManagerService module. Impa Vulnerability of permission verification in some APIs in the ActivityTaskManagerService module. Impact: Successful exploitation of this vulnerability will affect availability.

nvd

CVE-2023-52550HIGHCVSS 7.5v2.0.0v2.1.0+3 more2024-04-08

CVE-2023-52550 [HIGH] CWE-120 CVE-2023-52550: Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of t Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

nvd

CVE-2023-52546HIGHCVSS 7.5v3.1.0v4.0.02024-04-08

CVE-2023-52546 [HIGH] CWE-345 CVE-2023-52546: Vulnerability of package name verification being bypassed in the Calendar app. Impact: Successful ex Vulnerability of package name verification being bypassed in the Calendar app. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

nvd

CVE-2023-52540HIGHCVSS 7.5v2.0.0v2.1.0+3 more2024-04-08

CVE-2023-52540 [HIGH] CWE-287 CVE-2023-52540: Vulnerability of improper authentication in the Iaware module. Impact: Successful exploitation of th Vulnerability of improper authentication in the Iaware module. Impact: Successful exploitation of this vulnerability will affect availability.

nvd

CVE-2024-27896HIGHCVSS 7.5v3.0.02024-04-08

CVE-2024-27896 [HIGH] CWE-20 CVE-2024-27896: Input verification vulnerability in the log module. Impact: Successful exploitation of this vulnerab Input verification vulnerability in the log module. Impact: Successful exploitation of this vulnerability can affect integrity.

nvd

CVE-2023-52552HIGHCVSS 7.5v2.1.0v3.0.0+2 more2024-04-08

CVE-2023-52552 [HIGH] CWE-20 CVE-2023-52552: Input verification vulnerability in the power module. Impact: Successful exploitation of this vulner Input verification vulnerability in the power module. Impact: Successful exploitation of this vulnerability will affect availability.

nvd

CVE-2023-52553HIGHCVSS 7.4v2.0.0v2.1.0+3 more2024-04-08

CVE-2023-52553 [HIGH] CWE-362 CVE-2023-52553: Race condition vulnerability in the Wi-Fi module. Impact: Successful exploitation of this vulnerabil Race condition vulnerability in the Wi-Fi module. Impact: Successful exploitation of this vulnerability will affect availability.

nvd

CVE-2023-52554MEDIUMCVSS 6.5v2.0.0v2.1.0+3 more2024-04-08

CVE-2023-52554 [MEDIUM] CWE-732 CVE-2023-52554: Permission control vulnerability in the Bluetooth module. Impact: Successful exploitation of this vu Permission control vulnerability in the Bluetooth module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

nvd

CVE-2023-52551MEDIUMCVSS 5.3v2.0.0v2.1.0+3 more2024-04-08

CVE-2023-52551 [MEDIUM] CWE-120 CVE-2023-52551: Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of t Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

nvd

CVE-2023-52385MEDIUMCVSS 6.2v3.0.0v3.1.0+1 more2024-04-08

CVE-2023-52385 [MEDIUM] CWE-20 CVE-2023-52385: Out-of-bounds write vulnerability in the RSMC module. Impact: Successful exploitation of this vulner Out-of-bounds write vulnerability in the RSMC module. Impact: Successful exploitation of this vulnerability will affect availability.

nvd

CVE-2023-52364MEDIUMCVSS 6.3v3.0.0v3.1.0+1 more2024-04-08

CVE-2023-52364 [MEDIUM] CWE-120 CVE-2023-52364: Vulnerability of input parameters being not strictly verified in the RSMC module. Impact: Successful Vulnerability of input parameters being not strictly verified in the RSMC module. Impact: Successful exploitation of this vulnerability may cause out-of-bounds write.

nvd

CVE-2023-52544MEDIUMCVSS 4.3v2.0.0v2.1.0+3 more2024-04-08

CVE-2023-52544 [MEDIUM] CWE-22 CVE-2023-52544: Vulnerability of file path verification being bypassed in the email module. Impact: Successful explo Vulnerability of file path verification being bypassed in the email module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

nvd

CVE-2023-52542MEDIUMCVSS 6.5v2.0.0v2.1.0+3 more2024-04-08

CVE-2023-52542 [MEDIUM] CWE-281 CVE-2023-52542: Permission verification vulnerability in the system module. Impact: Successful exploitation of this Permission verification vulnerability in the system module. Impact: Successful exploitation of this vulnerability will affect availability.

nvd

CVE-2023-52543MEDIUMCVSS 6.2v2.0.0v2.1.0+3 more2024-04-08

CVE-2023-52543 [MEDIUM] CWE-269 CVE-2023-52543: Permission verification vulnerability in the system module. Impact: Successful exploitation of this Permission verification vulnerability in the system module. Impact: Successful exploitation of this vulnerability will affect availability.

nvd

← Previous21 / 54Next →