) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:huawei:harmonyos:2.0.1:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2023-1693 |
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality. Published: May 20, 2023; 11:15:08 AM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2023-1692 |
The window management module lacks permission verification.Successful exploitation of this vulnerability may affect confidentiality. Published: May 20, 2023; 11:15:08 AM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2023-26549 |
The SystemUI module has a vulnerability of repeated app restart due to improper parameters. Successful exploitation of this vulnerability may affect confidentiality. Published: March 27, 2023; 6:15:21 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2023-26548 |
The pgmng module has a vulnerability in serialization/deserialization. Successful exploitation of this vulnerability may affect availability. Published: March 27, 2023; 6:15:21 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2023-26547 |
The InputMethod module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. Published: March 27, 2023; 6:15:21 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2022-48359 |
The recovery mode for updates has a vulnerability that causes arbitrary disk modification. Successful exploitation of this vulnerability may affect confidentiality. Published: March 27, 2023; 6:15:20 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2022-48357 |
Some products have the double fetch vulnerability. Successful exploitation of this vulnerability may cause denial of service (DoS) attacks to the kernel. Published: March 27, 2023; 6:15:20 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2022-48351 |
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect availability. Published: March 27, 2023; 6:15:20 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2022-48349 |
The control component has a spoofing vulnerability. Successful exploitation of this vulnerability may affect confidentiality and availability. Published: March 27, 2023; 6:15:19 PM -0400 |
V4.0:(not available) V3.1: 9.1 CRITICAL V2.0:(not available) |
| CVE-2022-48346 |
The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect confidentiality. Published: March 27, 2023; 6:15:19 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2022-48291 |
The Bluetooth module has an authentication bypass vulnerability in the pairing process. Successful exploitation of this vulnerability may affect confidentiality. Published: March 27, 2023; 6:15:19 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2022-48289 |
The bundle management module lacks authentication and control mechanisms in some APIs. Successful exploitation of this vulnerability may affect data confidentiality. Published: February 09, 2023; 12:15:12 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2022-48288 |
The bundle management module lacks authentication and control mechanisms in some APIs. Successful exploitation of this vulnerability may affect data confidentiality. Published: February 09, 2023; 12:15:12 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2022-46328 |
Some smartphones have the input validation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. Published: December 20, 2022; 4:15:12 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2022-46321 |
The Wi-Fi module has a vulnerability in permission verification. Successful exploitation of this vulnerability may affect data confidentiality. Published: December 20, 2022; 4:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2022-46318 |
The HAware module has a function logic error. Successful exploitation of this vulnerability will affect the account removal function in Settings. Published: December 20, 2022; 4:15:11 PM -0500 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0:(not available) |
| CVE-2022-46317 |
The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability. Published: December 20, 2022; 4:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2022-46316 |
A thread security vulnerability exists in the authentication process. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability. Published: December 20, 2022; 4:15:11 PM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
| CVE-2022-46315 |
The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability. Published: December 20, 2022; 4:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2022-46314 |
The IPC module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability. Published: December 20, 2022; 4:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |