CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56443
https://notcve.org/view.php?id=CVE-2024-56443
08 Jan 2025 — Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54120
https://notcve.org/view.php?id=CVE-2024-54120
08 Jan 2025 — Race condition vulnerability in the distributed notification module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. Race condition vulnerability in the distributed notification module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56439
https://notcve.org/view.php?id=CVE-2024-56439
08 Jan 2025 — Access control vulnerability in the identity authentication module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Access control vulnerability in the identity authentication module Impact: Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-693: Protection Mechanism Failure •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56437
https://notcve.org/view.php?id=CVE-2024-56437
08 Jan 2025 — Vulnerability of input parameters not being verified in the widget framework module Impact: Successful exploitation of this vulnerability may affect availability. Vulnerability of input parameters not being verified in the widget framework module Impact: Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56436
https://notcve.org/view.php?id=CVE-2024-56436
08 Jan 2025 — Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56435
https://notcve.org/view.php?id=CVE-2024-56435
08 Jan 2025 — Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54122
https://notcve.org/view.php?id=CVE-2024-54122
12 Dec 2024 — Concurrent variable access vulnerability in the ability module Impact: Successful exploitation of this vulnerability may affect availability. Concurrent variable access vulnerability in the ability module Impact: Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2024/12 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54119
https://notcve.org/view.php?id=CVE-2024-54119
12 Dec 2024 — Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2024/12 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54117
https://notcve.org/view.php?id=CVE-2024-54117
12 Dec 2024 — Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2024/12 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54116
https://notcve.org/view.php?id=CVE-2024-54116
12 Dec 2024 — Out-of-bounds read vulnerability in the M3U8 module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. Out-of-bounds read vulnerability in the M3U8 module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. • https://consumer.huawei.com/en/support/bulletin/2024/12 • CWE-125: Out-of-bounds Read CWE-754: Improper Check for Unusual or Exceptional Conditions •