Huawei Harmonyos vulnerabilities
1,076 known vulnerabilities affecting huawei/harmonyos.
Total CVEs
1,076
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL138HIGH534MEDIUM365LOW39
Vulnerabilities
Page 29 of 54
CVE-2023-41302HIGHCVSS 7.5v2.0.0v2.0.1+4 more2023-09-25
CVE-2023-41302 [HIGH] CWE-22 CVE-2023-41302: Redirection permission verification vulnerability in the home screen module. Successful exploitation
Redirection permission verification vulnerability in the home screen module. Successful exploitation of this vulnerability may cause features to perform abnormally.
nvd
CVE-2023-41295MEDIUMCVSS 5.3v3.0.0v4.0.02023-09-25
CVE-2023-41295 [MEDIUM] CWE-732 CVE-2023-41295: Vulnerability of improper permission management in the displayengine module. Successful exploitation
Vulnerability of improper permission management in the displayengine module. Successful exploitation of this vulnerability may cause the screen to turn dim.
nvd
CVE-2023-39398CRITICALCVSS 9.1v2.0.0v2.0.1+3 more2023-08-13
CVE-2023-39398 [CRITICAL] CWE-275 CVE-2023-39398: Parameter verification vulnerability in the installd module. Successful exploitation of this vulnera
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.
nvd
CVE-2023-39405CRITICALCVSS 9.8v2.0.0v2.0.1+2 more2023-08-13
CVE-2023-39405 [CRITICAL] CWE-20 CVE-2023-39405: Vulnerability of out-of-bounds parameter read/write in the Wi-Fi module. Successful exploitation of
Vulnerability of out-of-bounds parameter read/write in the Wi-Fi module. Successful exploitation of this vulnerability may cause other apps to be executed with escalated privileges.
nvd
CVE-2023-39399CRITICALCVSS 9.1v2.0.0v2.0.1+3 more2023-08-13
CVE-2023-39399 [CRITICAL] CWE-275 CVE-2023-39399: Parameter verification vulnerability in the installd module. Successful exploitation of this vulnera
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.
nvd
CVE-2023-39403CRITICALCVSS 9.1v2.0.0v2.0.1+3 more2023-08-13
CVE-2023-39403 [CRITICAL] CWE-358 CVE-2023-39403: Parameter verification vulnerability in the installd module. Successful exploitation of this vulnera
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.
nvd
CVE-2023-39402CRITICALCVSS 9.1v2.0.0v2.0.1+3 more2023-08-13
CVE-2023-39402 [CRITICAL] CWE-22 CVE-2023-39402: Parameter verification vulnerability in the installd module. Successful exploitation of this vulnera
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.
nvd
CVE-2021-46895CRITICALCVSS 9.1v2.0.02023-08-13
CVE-2021-46895 [CRITICAL] CWE-701 CVE-2021-46895: Vulnerability of defects introduced in the design process in the Multi-Device Task Center. Successfu
Vulnerability of defects introduced in the design process in the Multi-Device Task Center. Successful exploitation of this vulnerability will cause the hopped app to bypass the app lock and reset the device that initiates the hop.
nvd
CVE-2023-39385CRITICALCVSS 9.1v2.0.0v2.1.0+1 more2023-08-13
CVE-2023-39385 [CRITICAL] CWE-16 CVE-2023-39385: Vulnerability of configuration defects in the media module of certain products.. Successful exploita
Vulnerability of configuration defects in the media module of certain products.. Successful exploitation of this vulnerability may cause unauthorized access.
nvd
CVE-2023-39401CRITICALCVSS 9.1v2.0.0v2.0.1+3 more2023-08-13
CVE-2023-39401 [CRITICAL] CWE-22 CVE-2023-39401: Parameter verification vulnerability in the installd module. Successful exploitation of this vulnera
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.
nvd
CVE-2023-39400CRITICALCVSS 9.1v2.0.0v2.0.1+3 more2023-08-13
CVE-2023-39400 [CRITICAL] CWE-22 CVE-2023-39400: Parameter verification vulnerability in the installd module. Successful exploitation of this vulnera
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.
nvd
CVE-2023-39395HIGHCVSS 7.5v2.0.0v3.0.0+1 more2023-08-13
CVE-2023-39395 [HIGH] CWE-19 CVE-2023-39395: Mismatch vulnerability in the serialization process in the communication system. Successful exploita
Mismatch vulnerability in the serialization process in the communication system. Successful exploitation of this vulnerability may affect availability.
nvd
CVE-2023-39396HIGHCVSS 7.5v3.0.0v3.1.02023-08-13
CVE-2023-39396 [HIGH] CWE-125 CVE-2023-39396: Deserialization vulnerability in the input module. Successful exploitation of this vulnerability may
Deserialization vulnerability in the input module. Successful exploitation of this vulnerability may affect availability.
nvd
CVE-2023-39381HIGHCVSS 7.5v2.0.0v2.0.1+3 more2023-08-13
CVE-2023-39381 [HIGH] CWE-20 CVE-2023-39381: Input verification vulnerability in the storage module. Successful exploitation of this vulnerabili
Input verification vulnerability in the storage module. Successful exploitation of this vulnerability may cause the device to restart.
nvd
CVE-2023-39390HIGHCVSS 7.5v3.0.0v3.1.02023-08-13
CVE-2023-39390 [HIGH] CWE-20 CVE-2023-39390: Vulnerability of input parameter verification in certain APIs in the window management module. Succe
Vulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart.
nvd
CVE-2023-39391HIGHCVSS 7.5v2.0.0v2.0.1+2 more2023-08-13
CVE-2023-39391 [HIGH] CWE-264 CVE-2023-39391: Vulnerability of system file information leakage in the USB Service module. Successful exploitation
Vulnerability of system file information leakage in the USB Service module. Successful exploitation of this vulnerability may affect confidentiality.
nvd
CVE-2023-39382HIGHCVSS 7.5v2.0.0v2.0.1+3 more2023-08-13
CVE-2023-39382 [HIGH] CWE-20 CVE-2023-39382: Input verification vulnerability in the audio module. Successful exploitation of this vulnerability
Input verification vulnerability in the audio module. Successful exploitation of this vulnerability may cause virtual machines (VMs) to restart.
nvd
CVE-2023-39389HIGHCVSS 7.5v2.0.0v2.0.1+3 more2023-08-13
CVE-2023-39389 [HIGH] CWE-120 CVE-2023-39389: Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploita
Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability.
nvd
CVE-2023-39404HIGHCVSS 7.5v3.0.0v3.1.02023-08-13
CVE-2023-39404 [HIGH] CWE-20 CVE-2023-39404: Vulnerability of input parameter verification in certain APIs in the window management module. Succe
Vulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart.
nvd
CVE-2023-39394HIGHCVSS 7.5v2.0.1v3.0.0+1 more2023-08-13
CVE-2023-39394 [HIGH] CWE-264 CVE-2023-39394: Vulnerability of API privilege escalation in the wifienhance module. Successful exploitation of this
Vulnerability of API privilege escalation in the wifienhance module. Successful exploitation of this vulnerability may cause the arp list to be modified.
nvd