CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-46883
https://notcve.org/view.php?id=CVE-2021-46883
26 May 2023 — The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2023/5 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-46884
https://notcve.org/view.php?id=CVE-2021-46884
26 May 2023 — The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2023/5 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-46885
https://notcve.org/view.php?id=CVE-2021-46885
26 May 2023 — The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2023/5 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-46886
https://notcve.org/view.php?id=CVE-2021-46886
26 May 2023 — The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2023/5 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-31225
https://notcve.org/view.php?id=CVE-2023-31225
26 May 2023 — The Gallery app has the risk of hijacking attacks. Successful exploitation of this vulnerability may cause download failures and affect product availability. • https://consumer.huawei.com/en/support/bulletin/2023/5 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-1696
https://notcve.org/view.php?id=CVE-2023-1696
20 May 2023 — The multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2023/4 • CWE-203: Observable Discrepancy •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-1694
https://notcve.org/view.php?id=CVE-2023-1694
20 May 2023 — The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/4 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-1693
https://notcve.org/view.php?id=CVE-2023-1693
20 May 2023 — The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/4 • CWE-269: Improper Privilege Management CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-1692
https://notcve.org/view.php?id=CVE-2023-1692
20 May 2023 — The window management module lacks permission verification.Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/4 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-48314
https://notcve.org/view.php?id=CVE-2022-48314
16 Apr 2023 — The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/4 • CWE-287: Improper Authentication •