NotCVE - vendor:"Huawei" product:"Harmonyos" version:"3.0.0"

Page 55 of 326 results (0.007 seconds)

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2022-48298

https://notcve.org/view.php?id=CVE-2022-48298

The geofencing kernel code does not verify the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access. • https://consumer.huawei.com/en/support/bulletin/2023/2 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202302-0000001454769474 • CWE-1284: Improper Validation of Specified Quantity in Input •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0

CVE-2022-48302

https://notcve.org/view.php?id=CVE-2022-48302

The AMS module has a vulnerability of lacking permission verification in APIs.Successful exploitation of this vulnerability may affect data confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/2 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202302-0000001454769474 •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2022-48300

https://notcve.org/view.php?id=CVE-2022-48300

The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this vulnerability may affect data confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/2 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202302-0000001454769474 • CWE-306: Missing Authentication for Critical Function •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2022-48289

https://notcve.org/view.php?id=CVE-2022-48289

The bundle management module lacks authentication and control mechanisms in some APIs. Successful exploitation of this vulnerability may affect data confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/2 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202302-0000001454769474 • CWE-306: Missing Authentication for Critical Function •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2022-41590

https://notcve.org/view.php?id=CVE-2022-41590

Some smartphones have authentication-related (including session management) vulnerabilities as the setup wizard is bypassed. Successful exploitation of this vulnerability affects the smartphone availability. Algunos teléfonos inteligentes tienen vulnerabilidades relacionadas con la autenticación (incluida la administración de sesiones) ya que se omite el asistente de configuración. La explotación exitosa de esta vulnerabilidad afecta la disponibilidad de los teléfonos inteligentes. • https://device.harmonyos.com/en/docs/security/update/security-bulletins-202212-0000001462975397 • CWE-287: Improper Authentication •

1...53 54 55 56 57