CVSS: 5.1EPSS: 0%CPEs: 12EXPL: 0CVE-2025-54646
https://notcve.org/view.php?id=CVE-2025-54646
06 Aug 2025 — Vulnerability of inadequate packet length check in the BLE module. Impact: Successful exploitation of this vulnerability may affect performance. Vulnerabilidad de verificación inadecuada de la longitud de los paquetes en el módulo BLE. Impacto: La explotación exitosa de esta vulnerabilidad podría afectar el rendimiento. Vulnerability of inadequate packet length check in the BLE module. Impact: Successful exploitation of this vulnerability may affect performance. • https://consumer.huawei.com/en/support/bulletin/2025/8 • CWE-130: Improper Handling of Length Parameter Inconsistency •
CVSS: 7.3EPSS: 0%CPEs: 12EXPL: 0CVE-2025-54611
https://notcve.org/view.php?id=CVE-2025-54611
06 Aug 2025 — EXTRA_REFERRER resource read vulnerability in the Gallery module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. Vulnerabilidad de lectura del recurso EXTRA_REFERRER en el módulo Gallery. Impacto: La explotación exitosa de esta vulnerabilidad podría afectar la confidencialidad del servicio. EXTRA_REFERRER resource read vulnerability in the Gallery module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2025/8 • CWE-840: Business Logic Errors •
CVSS: 6.2EPSS: 0%CPEs: 10EXPL: 0CVE-2025-53186
https://notcve.org/view.php?id=CVE-2025-53186
07 Jul 2025 — Vulnerability that allows third-party call apps to send broadcasts without verification in the audio framework module Impact: Successful exploitation of this vulnerability may affect availability. Vulnerability that allows third-party call apps to send broadcasts without verification in the audio framework module Impact: Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2025/7 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.6EPSS: 0%CPEs: 10EXPL: 0CVE-2025-48902
https://notcve.org/view.php?id=CVE-2025-48902
06 Jun 2025 — Vulnerability of uncontrolled system resource applications in the setting module Impact: Successful exploitation of this vulnerability may affect availability. Vulnerability of uncontrolled system resource applications in the setting module Impact: Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2025/6 • CWE-118: Incorrect Access of Indexable Resource ('Range Error') •
CVSS: 8.4EPSS: 0%CPEs: 8EXPL: 0CVE-2025-31175
https://notcve.org/view.php?id=CVE-2025-31175
07 Apr 2025 — Deserialization mismatch vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect service integrity. Deserialization mismatch vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect service integrity. • https://consumer.huawei.com/en/support/bulletin/2025/4 • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.4EPSS: 0%CPEs: 10EXPL: 0CVE-2024-58044
https://notcve.org/view.php?id=CVE-2024-58044
04 Mar 2025 — Permission verification bypass vulnerability in the notification module Impact: Successful exploitation of this vulnerability may affect availability. Permission verification bypass vulnerability in the notification module Impact: Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2025/3 • CWE-20: Improper Input Validation •
CVSS: 7.3EPSS: 0%CPEs: 10EXPL: 0CVE-2024-58043
https://notcve.org/view.php?id=CVE-2024-58043
04 Mar 2025 — Permission bypass vulnerability in the window module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Permission bypass vulnerability in the window module Impact: Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2025/3 • CWE-840: Business Logic Errors •
CVSS: 6.6EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56449
https://notcve.org/view.php?id=CVE-2024-56449
08 Jan 2025 — Privilege escalation vulnerability in the Account module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Privilege escalation vulnerability in the Account module Impact: Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-840: Business Logic Errors •
CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56448
https://notcve.org/view.php?id=CVE-2024-56448
08 Jan 2025 — Vulnerability of improper access control in the home screen widget module Impact: Successful exploitation of this vulnerability may affect availability. Vulnerability of improper access control in the home screen widget module Impact: Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56447
https://notcve.org/view.php?id=CVE-2024-56447
08 Jan 2025 — Vulnerability of improper permission control in the window management module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Vulnerability of improper permission control in the window management module Impact: Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-269: Improper Privilege Management •