U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 140 matching records.
Displaying matches 101 through 120.
Vuln ID Summary CVSS Severity
CVE-2023-39405

Vulnerability of out-of-bounds parameter read/write in the Wi-Fi module. Successful exploitation of this vulnerability may cause other apps to be executed with escalated privileges.

Published: August 13, 2023; 8:15:46 AM -0400
V4.0:(not available)
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2023-39389

Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability.

Published: August 13, 2023; 8:15:45 AM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-39388

Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability.

Published: August 13, 2023; 8:15:45 AM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-39383

Vulnerability of input parameters being not strictly verified in the AMS module. Successful exploitation of this vulnerability may compromise apps' data security.

Published: August 13, 2023; 8:15:45 AM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-39382

Input verification vulnerability in the audio module. Successful exploitation of this vulnerability may cause virtual machines (VMs) to restart.

Published: August 13, 2023; 8:15:45 AM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-39381

Input verification vulnerability in the storage module. Successful exploitation of this vulnerability may cause the device to restart.

Published: August 13, 2023; 8:15:44 AM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-1695

Vulnerability of failures to capture exceptions in the communication framework. Successful exploitation of this vulnerability may cause features to perform abnormally.

Published: July 06, 2023; 9:15:10 AM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-1691

Vulnerability of failures to capture exceptions in the communication framework. Successful exploitation of this vulnerability may cause features to perform abnormally.

Published: July 06, 2023; 9:15:10 AM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-48520

Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect confidentiality.

Published: July 06, 2023; 9:15:10 AM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-48519

Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect confidentiality.

Published: July 06, 2023; 9:15:10 AM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-48518

Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the startup trustlist, which affects system performance.

Published: July 06, 2023; 9:15:10 AM -0400
V4.0:(not available)
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-48517

Unauthorized service access vulnerability in the DSoftBus module. Successful exploitation of this vulnerability will affect availability.

Published: July 06, 2023; 9:15:10 AM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-48516

Vulnerability that a unique value can be obtained by a third-party app in the DSoftBus module. Successful exploitation of this vulnerability will affect confidentiality.

Published: July 06, 2023; 9:15:10 AM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-48515

Vulnerability of inappropriate permission control in Nearby. Successful exploitation of this vulnerability may affect service confidentiality.

Published: July 06, 2023; 9:15:10 AM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-48513

Vulnerability of identity verification being bypassed in the Gallery module. Successful exploitation of this vulnerability may cause out-of-bounds access.

Published: July 06, 2023; 9:15:10 AM -0400
V4.0:(not available)
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-48512

Use After Free (UAF) vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image decoding feature to perform abnormally.

Published: July 06, 2023; 9:15:10 AM -0400
V4.0:(not available)
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-48511

Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions. Successful exploitation of this vulnerability may cause audio features to perform abnormally.

Published: July 06, 2023; 9:15:10 AM -0400
V4.0:(not available)
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-48510

Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability will cause unauthorized operations.

Published: July 06, 2023; 9:15:10 AM -0400
V4.0:(not available)
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-48509

Race condition vulnerability due to multi-thread access to mutually exclusive resources in Huawei Share. Successful exploitation of this vulnerability may cause the program to exit abnormally.

Published: July 06, 2023; 9:15:10 AM -0400
V4.0:(not available)
V3.1: 5.9 MEDIUM
V2.0:(not available)
CVE-2022-48508

Inappropriate authorization vulnerability in the system apps. Successful exploitation of this vulnerability may affect service integrity.

Published: July 06, 2023; 9:15:10 AM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)