Page 49 of 624 results (0.018 seconds)

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

The IHwAntiMalPlugin interface lacks permission verification. Successful exploitation of this vulnerability can lead to filling problems (batch installation of applications). • https://consumer.huawei.com/en/support/bulletin/2023/2 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202302-0000001454769474 • CWE-281: Improper Preservation of Permissions •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

The geofencing kernel code does not verify the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access. • https://consumer.huawei.com/en/support/bulletin/2023/2 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202302-0000001454769474 • CWE-1284: Improper Validation of Specified Quantity in Input •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0

The AMS module has a vulnerability of lacking permission verification in APIs.Successful exploitation of this vulnerability may affect data confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/2 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202302-0000001454769474 •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this vulnerability may affect data confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/2 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202302-0000001454769474 • CWE-306: Missing Authentication for Critical Function •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

The bundle management module lacks authentication and control mechanisms in some APIs. Successful exploitation of this vulnerability may affect data confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/2 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202302-0000001454769474 • CWE-306: Missing Authentication for Critical Function •