U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 230 matching records.
Displaying matches 141 through 160.
Vuln ID Summary CVSS Severity
CVE-2022-41585

The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting.

Published: October 14, 2022; 12:15:23 PM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-41584

The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting.

Published: October 14, 2022; 12:15:23 PM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-41582

The security module has configuration defects.Successful exploitation of this vulnerability may affect system availability.

Published: October 14, 2022; 12:15:22 PM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-41581

The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.

Published: October 14, 2022; 12:15:22 PM -0400
V4.0:(not available)
V3.1: 9.1 CRITICAL
V2.0:(not available)
CVE-2022-41580

The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.

Published: October 14, 2022; 12:15:21 PM -0400
V4.0:(not available)
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-41578

The MPTCP module has an out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause root privilege escalation attacks implemented by modifying program information.

Published: October 14, 2022; 12:15:21 PM -0400
V4.0:(not available)
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-41576

The rphone module has a script that can be maliciously modified.Successful exploitation of this vulnerability may cause irreversible programs to be implanted on user devices.

Published: October 14, 2022; 12:15:20 PM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-38983

The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution.

Published: October 14, 2022; 12:15:14 PM -0400
V4.0:(not available)
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2021-46840

The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.

Published: October 14, 2022; 12:15:12 PM -0400
V4.0:(not available)
V3.1: 9.1 CRITICAL
V2.0:(not available)
CVE-2021-46839

The HW_KEYMASTER module has a vulnerability of missing bounds check on length.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.

Published: October 14, 2022; 12:15:11 PM -0400
V4.0:(not available)
V3.1: 9.1 CRITICAL
V2.0:(not available)
CVE-2022-39006

The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to restart.

Published: September 16, 2022; 2:15:18 PM -0400
V4.0:(not available)
V3.1: 5.9 MEDIUM
V2.0:(not available)
CVE-2022-39005

The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.

Published: September 16, 2022; 2:15:18 PM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-39004

The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.

Published: September 16, 2022; 2:15:18 PM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-39001

The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure.

Published: September 16, 2022; 2:15:17 PM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-39000

The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup.

Published: September 16, 2022; 2:15:17 PM -0400
V4.0:(not available)
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2021-40017

The HW_KEYMASTER module lacks the validity check of the key format. Successful exploitation of this vulnerability may result in out-of-bounds memory access.

Published: September 16, 2022; 2:15:11 PM -0400
V4.0:(not available)
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-37008

The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability.

Published: August 10, 2022; 4:16:04 PM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-37005

The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

Published: August 10, 2022; 4:16:04 PM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-37004

The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability.

Published: August 10, 2022; 4:16:04 PM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-37002

The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background.

Published: August 10, 2022; 4:16:03 PM -0400
V4.0:(not available)
V3.1: 9.8 CRITICAL
V2.0:(not available)