CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-39388
https://notcve.org/view.php?id=CVE-2023-39388
13 Aug 2023 — Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability. • https://consumer.huawei.com/en/support/bulletin/2023/8 • CWE-20: Improper Input Validation CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-1695
https://notcve.org/view.php?id=CVE-2023-1695
06 Jul 2023 — Vulnerability of failures to capture exceptions in the communication framework. Successful exploitation of this vulnerability may cause features to perform abnormally. • https://consumer.huawei.com/en/support/bulletin/2023/7 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-1691
https://notcve.org/view.php?id=CVE-2023-1691
06 Jul 2023 — Vulnerability of failures to capture exceptions in the communication framework. Successful exploitation of this vulnerability may cause features to perform abnormally. • https://consumer.huawei.com/en/support/bulletin/2023/7 • CWE-248: Uncaught Exception •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48517
https://notcve.org/view.php?id=CVE-2022-48517
06 Jul 2023 — Unauthorized service access vulnerability in the DSoftBus module. Successful exploitation of this vulnerability will affect availability. • https://consumer.huawei.com/en/support/bulletin/2023/7 • CWE CATEGORY •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-48516
https://notcve.org/view.php?id=CVE-2022-48516
06 Jul 2023 — Vulnerability that a unique value can be obtained by a third-party app in the DSoftBus module. Successful exploitation of this vulnerability will affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/7 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48515
https://notcve.org/view.php?id=CVE-2022-48515
06 Jul 2023 — Vulnerability of inappropriate permission control in Nearby. Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/7 • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48513
https://notcve.org/view.php?id=CVE-2022-48513
06 Jul 2023 — Vulnerability of identity verification being bypassed in the Gallery module. Successful exploitation of this vulnerability may cause out-of-bounds access. • https://consumer.huawei.com/en/support/bulletin/2023/7 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-48507
https://notcve.org/view.php?id=CVE-2022-48507
06 Jul 2023 — Vulnerability of identity verification being bypassed in the storage module. Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/7 • CWE-294: Authentication Bypass by Capture-replay •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-48508
https://notcve.org/view.php?id=CVE-2022-48508
06 Jul 2023 — Inappropriate authorization vulnerability in the system apps. Successful exploitation of this vulnerability may affect service integrity. • https://consumer.huawei.com/en/support/bulletin/2023/7 • CWE-264: Permissions, Privileges, and Access Controls CWE-863: Incorrect Authorization •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-34156
https://notcve.org/view.php?id=CVE-2023-34156
19 Jun 2023 — Vulnerability of services denied by early fingerprint APIs on HarmonyOS products.Successful exploitation of this vulnerability may cause services to be denied. • https://consumer.huawei.com/en/support/bulletin/2023/6 • CWE-384: Session Fixation •