Page 36 of 467 results (0.013 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/7 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 • CWE CATEGORY •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions. Successful exploitation of this vulnerability may cause audio features to perform abnormally. • https://consumer.huawei.com/en/support/bulletin/2023/7 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 • CWE-416: Use After Free CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability will cause unauthorized operations. • https://consumer.huawei.com/en/support/bulletin/2023/7 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0

Race condition vulnerability due to multi-thread access to mutually exclusive resources in Huawei Share. Successful exploitation of this vulnerability may cause the program to exit abnormally. • https://consumer.huawei.com/en/support/bulletin/2023/7 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-476: NULL Pointer Dereference •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

Vulnerability of identity verification being bypassed in the storage module. Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/7 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 • CWE-294: Authentication Bypass by Capture-replay •