Every CVE whose affected-product data names Huawei Harmonyos, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2023-34157 — CVSS 10.0 (critical): Vulnerability of HwWatchHealth being hijacked.Successful exploitation of this vulnerability may cause repeated pop-up windows of the app.
CVE-2022-39002 — CVSS 9.8 (critical): Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice.
CVE-2021-22430 — CVSS 9.8 (critical): There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection.
CVE-2021-22431 — CVSS 9.8 (critical): There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause…
CVE-2023-52370 — CVSS 9.8 (critical): Stack overflow vulnerability in the network acceleration module.Successful exploitation of this vulnerability may cause unauthorized file…
CVE-2022-39007 — CVSS 9.8 (critical): The location module has a vulnerability of bypassing permission verification.Successful exploitation of this vulnerability may cause…
CVE-2021-37095 — CVSS 9.8 (critical): There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to…
CVE-2022-39009 — CVSS 9.8 (critical): The WLAN module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause third-party apps to…
CVE-2023-41297 — CVSS 9.8 (critical): Vulnerability of defects introduced in the design process in the HiviewTunner module. Successful exploitation of this vulnerability may…
CVE-2021-39990 — CVSS 9.8 (critical): The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user…
CVE-2023-44105 — CVSS 9.8 (critical): Vulnerability of permissions not being strictly verified in the window management module.Successful exploitation of this vulnerability may…
CVE-2021-22480 — CVSS 9.8 (critical): The interface of a certain HarmonyOS module has an integer overflow vulnerability. Successful exploitation of this vulnerability may lead…
CVE-2022-41578 — CVSS 9.8 (critical): The MPTCP module has an out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause root privilege escalation…
CVE-2022-41580 — CVSS 9.8 (critical): The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause…
CVE-2021-39996 — CVSS 9.8 (critical): There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may…
CVE-2021-37040 — CVSS 9.8 (critical): There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege…
CVE-2023-44106 — CVSS 9.8 (critical): API permission management vulnerability in the Fwk-Display module.Successful exploitation of this vulnerability may cause features to…
CVE-2021-22433 — CVSS 9.8 (critical): There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be…
CVE-2023-44116 — CVSS 9.8 (critical): Vulnerability of access permissions not being strictly verified in the APPWidget module.Successful exploitation of this vulnerability may…
CVE-2021-22432 — CVSS 9.8 (critical): There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause…
CVE-2023-46773 — CVSS 9.8 (critical): Permission management vulnerability in the PMS module. Successful exploitation of this vulnerability may cause privilege escalation.
CVE-2023-52103 — CVSS 9.8 (critical): Buffer overflow vulnerability in the FLP module. Successful exploitation of this vulnerability may cause out-of-bounds read.
CVE-2022-48511 — CVSS 9.8 (critical): Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions. Successful exploitation of this vulnerability…
CVE-2021-46890 — CVSS 9.8 (critical): Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may…
CVE-2022-39000 — CVSS 9.8 (critical): The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to…
CVE-2023-41294 — CVSS 9.8 (critical): The DP module has a service hijacking vulnerability.Successful exploitation of this vulnerability may affect some Super Device services.
CVE-2021-22426 — CVSS 9.8 (critical): There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be…
CVE-2022-38999 — CVSS 9.8 (critical): The AOD module has the improper update of reference count vulnerability. Successful exploitation of this vulnerability may affect data…
CVE-2021-22429 — CVSS 9.8 (critical): There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be…
CVE-2022-29794 — CVSS 9.8 (critical): The frame scheduling module has a Use After Free (UAF) vulnerability.Successful exploitation of this vulnerability will affect data…
CVE-2022-48353 — CVSS 9.8 (critical): Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause kernel privilege escalation, which…
CVE-2023-37242 — CVSS 9.8 (critical): Vulnerability of commands from the modem being intercepted in the atcmdserver module. Attackers may exploit this vulnerability to rewrite…
CVE-2021-40050 — CVSS 9.8 (critical): There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow.
CVE-2021-46891 — CVSS 9.8 (critical): Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may…
CVE-2021-40036 — CVSS 9.8 (critical): The bone voice ID TA has a memory overwrite vulnerability. Successful exploitation of this vulnerability may result in malicious code…
CVE-2021-46851 — CVSS 9.8 (critical): The DRM module has a vulnerability in verifying the secure memory attributes. Successful exploitation of this vulnerability may cause…
CVE-2021-37063 — CVSS 9.8 (critical): There is a Cryptographic Issues vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to read and…
CVE-2022-48513 — CVSS 9.8 (critical): Vulnerability of identity verification being bypassed in the Gallery module. Successful exploitation of this vulnerability may cause…
CVE-2022-46327 — CVSS 9.8 (critical): Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause privilege escalation, which results in…
CVE-2021-46894 — CVSS 9.8 (critical): Use After Free (UAF) vulnerability in the uinput module.Successful exploitation of this vulnerability may lead to kernel privilege…
CVE-2021-37084 — CVSS 9.8 (critical): There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious…
CVE-2022-46326 — CVSS 9.8 (critical): Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service…
CVE-2022-48510 — CVSS 9.8 (critical): Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability will cause unauthorized operations.
CVE-2022-48605 — CVSS 9.8 (critical): Input verification vulnerability in the fingerprint module. Successful exploitation of this vulnerability will affect confidentiality…
CVE-2022-46325 — CVSS 9.8 (critical): Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service…
CVE-2023-52381 — CVSS 9.8 (critical): Script injection vulnerability in the email module.Successful exploitation of this vulnerability may affect service confidentiality…
CVE-2023-52378 — CVSS 9.8 (critical): Vulnerability of incorrect service logic in the WindowManagerServices module.Successful exploitation of this vulnerability may cause…
CVE-2022-46324 — CVSS 9.8 (critical): Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service…
CVE-2022-46323 — CVSS 9.8 (critical): Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service…
CVE-2022-46320 — CVSS 9.8 (critical): The kernel module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may cause memory overwriting.
CVE-2022-37002 — CVSS 9.8 (critical): The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious…
CVE-2022-37003 — CVSS 9.8 (critical): The AOD module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may cause permission escalation…
CVE-2022-46319 — CVSS 9.8 (critical): Fingerprint calibration has a vulnerability of lacking boundary judgment. Successful exploitation of this vulnerability may cause…
CVE-2021-37128 — CVSS 9.8 (critical): HwPCAssistant has a Path Traversal vulnerability .Successful exploitation of this vulnerability may write any file.
CVE-2022-46316 — CVSS 9.8 (critical): A thread security vulnerability exists in the authentication process. Successful exploitation of this vulnerability may affect data…
CVE-2022-44562 — CVSS 9.8 (critical): The system framework layer has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may…
CVE-2023-39405 — CVSS 9.8 (critical): Vulnerability of out-of-bounds parameter read/write in the Wi-Fi module. Successful exploitation of this vulnerability may cause other apps…
CVE-2022-44559 — CVSS 9.8 (critical): The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause…
CVE-2022-38980 — CVSS 9.8 (critical): The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of…
CVE-2022-44558 — CVSS 9.8 (critical): The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause…
CVE-2022-38982 — CVSS 9.8 (critical): The fingerprint module has service logic errors.Successful exploitation of this vulnerability will cause the phone lock to be cracked.
CVE-2022-38983 — CVSS 9.8 (critical): The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary…
CVE-2021-40017 — CVSS 9.8 (critical): The HW_KEYMASTER module lacks the validity check of the key format. Successful exploitation of this vulnerability may result in…
CVE-2022-48479 — CVSS 9.8 (critical): The facial recognition TA of some products has the out-of-bounds memory read vulnerability. Successful exploitation of this vulnerability…
CVE-2022-48478 — CVSS 9.8 (critical): The facial recognition TA of some products lacks memory length verification. Successful exploitation of this vulnerability may cause…
CVE-2021-37049 — CVSS 9.8 (critical): There is a Heap-based buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may rewrite the…
CVE-2021-22434 — CVSS 9.8 (critical): There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious…
CVE-2022-44551 — CVSS 9.8 (critical): The iaware module has a vulnerability in thread security. Successful exploitation of this vulnerability will affect confidentiality…
CVE-2021-46786 — CVSS 9.8 (critical): The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this…
CVE-2022-22258 — CVSS 9.8 (critical): The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications…
CVE-2021-37022 — CVSS 9.8 (critical): There is a Heap-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause root…
CVE-2021-39979 — CVSS 9.8 (critical): HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may affect HHEE system integrity.
CVE-2021-37045 — CVSS 9.8 (critical): There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart…
CVE-2021-40010 — CVSS 9.8 (critical): The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution.
CVE-2022-48512 — CVSS 9.8 (critical): Use After Free (UAF) vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image…
CVE-2026-28536 — CVSS 9.6 (critical): Authentication bypass vulnerability in the device authentication module. Impact: Successful exploitation of this vulnerability will affect…
CVE-2024-39671 — CVSS 9.3 (critical): Access control vulnerability in the security verification module. Impact: Successful exploitation of this vulnerability may affect service…
CVE-2024-42037 — CVSS 9.3 (critical): Vulnerability of uncaught exceptions in the Graphics module Impact: Successful exploitation of this vulnerability may affect service…
CVE-2025-64314 — CVSS 9.3 (critical): Permission control vulnerability in the memory management module. Impact: Successful exploitation of this vulnerability may affect…
CVE-2021-46839 — CVSS 9.1 (critical): The HW_KEYMASTER module has a vulnerability of missing bounds check on length.Successful exploitation of this vulnerability may cause…
CVE-2021-37087 — CVSS 9.1 (critical): There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers can create…
CVE-2021-37088 — CVSS 9.1 (critical): There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers can write…
CVE-2021-46895 — CVSS 9.1 (critical): Vulnerability of defects introduced in the design process in the Multi-Device Task Center. Successful exploitation of this vulnerability…
CVE-2022-22260 — CVSS 9.1 (critical): The kernel module has a UAF vulnerability.Successful exploitation of this vulnerability will affect data integrity and availability.
CVE-2026-34865 — CVSS 9.1 (critical): Out-of-bounds write vulnerability in the WEB module.Impact: Successful exploitation of this vulnerability will affect availability and…
CVE-2021-37099 — CVSS 9.1 (critical): There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete any file.
CVE-2024-30415 — CVSS 9.1 (critical): Vulnerability of improper permission control in the window management module. Impact: Successful exploitation of this vulnerability will…
CVE-2023-5801 — CVSS 9.1 (critical): Vulnerability of identity verification being bypassed in the face unlock module. Successful exploitation of this vulnerability will affect…
CVE-2022-31760 — CVSS 9.1 (critical): Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this…
CVE-2023-52538 — CVSS 9.1 (critical): Vulnerability of package name verification being bypassed in the HwIms module. Impact: Successful exploitation of this vulnerability will…
CVE-2021-22394 — CVSS 9.1 (critical): There is a buffer overflow vulnerability in smartphones. Successful exploitation of this vulnerability may cause DoS of the apps during…
CVE-2022-34737 — CVSS 9.1 (critical): The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data…
CVE-2021-37116 — CVSS 9.1 (critical): PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of this vulnerability may cause that the PIN of…
CVE-2021-37011 — CVSS 9.1 (critical): There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to…
CVE-2021-37016 — CVSS 9.1 (critical): There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause Information…
CVE-2022-38986 — CVSS 9.1 (critical): The HIPP module has a vulnerability of bypassing the check of the data transferred in the kernel space.Successful exploitation of this…
CVE-2021-37020 — CVSS 9.1 (critical): There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to…
CVE-2021-37021 — CVSS 9.1 (critical): There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to…
CVE-2021-39982 — CVSS 9.1 (critical): Phone Manager application has a Improper Privilege Management vulnerability.Successful exploitation of this vulnerability may read and…
CVE-2022-39008 — CVSS 9.1 (critical): The NFC module has bundle serialization/deserialization vulnerabilities. Successful exploitation of this vulnerability may cause…
CVE-2023-52369 — CVSS 9.1 (critical): Stack overflow vulnerability in the NFC module.Successful exploitation of this vulnerability may affect service availability and integrity.
CVE-2022-41581 — CVSS 9.1 (critical): The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause…
CVE-2023-52101 — CVSS 9.1 (critical): Component exposure vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect service availability and…
CVE-2023-44118 — CVSS 9.1 (critical): Vulnerability of undefined permissions in the MeeTime module.Successful exploitation of this vulnerability will affect availability and…
CVE-2023-44107 — CVSS 9.1 (critical): Vulnerability of defects introduced in the design process in the screen projection module.Successful exploitation of this vulnerability may…
CVE-2023-41296 — CVSS 9.1 (critical): Vulnerability of missing authorization in the kernel module. Successful exploitation of this vulnerability may affect integrity and…
CVE-2023-39407 — CVSS 9.1 (critical): The Watchkit has a risk of unauthorized file access.Successful exploitation of this vulnerability may affect confidentiality and integrity.
CVE-2021-37051 — CVSS 9.1 (critical): There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds…
CVE-2023-39403 — CVSS 9.1 (critical): Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be…
CVE-2023-39402 — CVSS 9.1 (critical): Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be…
CVE-2023-39401 — CVSS 9.1 (critical): Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be…
CVE-2021-37062 — CVSS 9.1 (critical): There is a Improper Validation of Array Index vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to…
CVE-2021-37064 — CVSS 9.1 (critical): There is a Improper Limitation of a Pathname to a Restricted Directory vulnerability in Huawei Smartphone.Successful exploitation of this…
CVE-2023-39400 — CVSS 9.1 (critical): Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be…
CVE-2021-37065 — CVSS 9.1 (critical): There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to…
CVE-2022-48290 — CVSS 9.1 (critical): The phone-PC collaboration module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect data…
CVE-2023-39399 — CVSS 9.1 (critical): Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be…
CVE-2023-39398 — CVSS 9.1 (critical): Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be…
CVE-2023-39385 — CVSS 9.1 (critical): Vulnerability of configuration defects in the media module of certain products.. Successful exploitation of this vulnerability may cause…
CVE-2023-37245 — CVSS 9.1 (critical): Buffer overflow vulnerability in the modem pinctrl module. Successful exploitation of this vulnerability may affect the integrity and…
CVE-2021-40053 — CVSS 9.1 (critical): There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and…
CVE-2022-48312 — CVSS 9.1 (critical): The HwPCAssistant module has the out-of-bounds read/write vulnerability. Successful exploitation of this vulnerability may affect…
CVE-2023-37240 — CVSS 9.1 (critical): Vulnerability of missing input length verification in the distributed file system. Successful exploitation of this vulnerability may cause…
CVE-2022-48348 — CVSS 9.1 (critical): The MediaProvider module has a vulnerability of unauthorized data read. Successful exploitation of this vulnerability may affect…
CVE-2022-48349 — CVSS 9.1 (critical): The control component has a spoofing vulnerability. Successful exploitation of this vulnerability may affect confidentiality and…
CVE-2023-3455 — CVSS 9.1 (critical): Key management vulnerability on system. Successful exploitation of this vulnerability may affect service availability and integrity.
CVE-2021-46742 — CVSS 9.1 (critical): The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this…
CVE-2021-37079 — CVSS 9.1 (critical): There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete…
CVE-2021-46840 — CVSS 9.1 (critical): The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification.Successful exploitation of this…
CVE-2025-48906 — CVSS 8.8 (high): Authentication bypass vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-54627 — CVSS 8.8 (high): Out-of-bounds write vulnerability in the skia module. Impact: Successful exploitation of this vulnerability may affect service…
CVE-2021-40000 — CVSS 8.8 (high): The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious…
CVE-2024-42038 — CVSS 8.8 (high): Vulnerability of PIN enhancement failures in the screen lock module Impact: Successful exploitation of this vulnerability may affect…
CVE-2025-31173 — CVSS 8.8 (high): Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect…
CVE-2021-40002 — CVSS 8.8 (high): The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious…
CVE-2021-37086 — CVSS 8.6 (high): There is a Improper Preservation of Permissions vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead…
CVE-2024-58045 — CVSS 8.6 (high): Multi-concurrency vulnerability in the media digital copyright protection module Impact: Successful exploitation of this vulnerability may…
CVE-2024-54098 — CVSS 8.5 (high): Service logic error vulnerability in the system service module Impact: Successful exploitation of this vulnerability may affect service…
CVE-2025-66328 — CVSS 8.4 (high): Multi-thread race condition vulnerability in the network management module. Impact: Successful exploitation of this vulnerability may…
CVE-2025-66324 — CVSS 8.4 (high): Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may…
CVE-2025-31175 — CVSS 8.4 (high): Deserialization mismatch vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect service…
CVE-2024-58125 — CVSS 8.4 (high): Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect…
CVE-2024-58126 — CVSS 8.4 (high): Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect…
CVE-2021-22376 — CVSS 8.4 (high): A component of the HarmonyOS has a Improper Privilege Management vulnerability. Local attackers may exploit this vulnerability to bypass…
CVE-2025-54652 — CVSS 8.4 (high): Path traversal vulnerability in the virtualization base module. Successful exploitation of this vulnerability may affect the…
CVE-2026-24930 — CVSS 8.4 (high): UAF concurrency vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-39672 — CVSS 8.4 (high): Memory request logic vulnerability in the memory module. Impact: Successful exploitation of this vulnerability will affect integrity and…
CVE-2024-58127 — CVSS 8.4 (high): Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect…
CVE-2024-42035 — CVSS 8.4 (high): Permission control vulnerability in the App Multiplier module Impact:Successful exploitation of this vulnerability may affect functionality…
CVE-2024-32997 — CVSS 8.4 (high): Race condition vulnerability in the binder driver module Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2025-58299 — CVSS 8.4 (high): Use After Free (UAF) vulnerability in the storage management module. Successful exploitation of this vulnerability may affect availability.
CVE-2025-58302 — CVSS 8.4 (high): Permission control vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service…
CVE-2025-58303 — CVSS 8.4 (high): UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-31170 — CVSS 8.4 (high): Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect…
CVE-2025-58280 — CVSS 8.4 (high): Vulnerability of exposing object heap addresses in the Ark eTS module. Impact: Successful exploitation of this vulnerability may affect…
CVE-2025-54653 — CVSS 8.4 (high): Path traversal vulnerability in the virtualization file module. Successful exploitation of this vulnerability may affect the…
CVE-2025-68957 — CVSS 8.4 (high): Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect…
CVE-2025-68960 — CVSS 8.4 (high): Multi-thread race condition vulnerability in the video framework module. Impact: Successful exploitation of this vulnerability may affect…
CVE-2024-58044 — CVSS 8.4 (high): Permission verification bypass vulnerability in the notification module Impact: Successful exploitation of this vulnerability may affect…
CVE-2025-58281 — CVSS 8.4 (high): Out-of-bounds read vulnerability in the runtime interpreter module. Impact: Successful exploitation of this vulnerability may affect…
CVE-2024-58124 — CVSS 8.4 (high): Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect…
CVE-2026-24926 — CVSS 8.4 (high): Out-of-bounds write vulnerability in the camera module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-54622 — CVSS 8.3 (high): Binding authentication bypass vulnerability in the devicemanager module. Impact: Successful exploitation of this vulnerability may affect…
CVE-2025-48911 — CVSS 8.2 (high): Vulnerability of improper permission assignment in the note sharing module Impact: Successful exploitation of this vulnerability may affect…
CVE-2023-34154 — CVSS 8.2 (high): Vulnerability of undefined permissions in HUAWEI VR screen projection.Successful exploitation of this vulnerability will cause third-party…
CVE-2024-51526 — CVSS 8.2 (high): Permission control vulnerability in the hidebug module Impact: Successful exploitation of this vulnerability may affect service…
CVE-2025-48905 — CVSS 8.1 (high): Wasm exception capture vulnerability in the arkweb v8 module Impact: Successful exploitation of this vulnerability may cause the failure to…
CVE-2021-37134 — CVSS 8.1 (high): Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for…
CVE-2021-37074 — CVSS 8.1 (high): There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root…
CVE-2025-54655 — CVSS 8.1 (high): Race condition vulnerability in the virtualization base module. Successful exploitation of this vulnerability may affect the…
CVE-2025-68958 — CVSS 8.0 (high): Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect…
CVE-2025-58310 — CVSS 8.0 (high): Permission control vulnerability in the distributed component. Impact: Successful exploitation of this vulnerability may affect service…
CVE-2025-68956 — CVSS 8.0 (high): Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect…
CVE-2025-54634 — CVSS 8.0 (high): Vulnerability of improper processing of abnormal conditions in huge page separation. Impact: Successful exploitation of this vulnerability…
CVE-2025-68955 — CVSS 8.0 (high): Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect…
CVE-2024-36502 — CVSS 7.9 (high): Out-of-bounds read vulnerability in the audio module Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2021-22458 — CVSS 7.8 (high): A component of the HarmonyOS has a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability. Local attackers…
CVE-2023-26547 — CVSS 7.8 (high): The InputMethod module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may…
CVE-2024-36500 — CVSS 7.8 (high): Privilege escalation vulnerability in the AMS module Impact: Successful exploitation of this vulnerability may affect service…
CVE-2021-22470 — CVSS 7.8 (high): A component of the HarmonyOS has a Privileges Controls vulnerability. Local attackers may exploit this vulnerability to expand the…
CVE-2022-31762 — CVSS 7.8 (high): The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation.
CVE-2021-22416 — CVSS 7.8 (high): A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel…
CVE-2024-56447 — CVSS 7.8 (high): Vulnerability of improper permission control in the window management module Impact: Successful exploitation of this vulnerability may…
CVE-2025-31172 — CVSS 7.8 (high): Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect…
CVE-2021-22418 — CVSS 7.8 (high): A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause…
CVE-2025-48903 — CVSS 7.8 (high): Permission bypass vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2021-22420 — CVSS 7.8 (high): A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this…
CVE-2021-22425 — CVSS 7.8 (high): A component of the HarmonyOS has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevating…
CVE-2021-22451 — CVSS 7.8 (high): A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause…
CVE-2021-22423 — CVSS 7.8 (high): A component of the HarmonyOS has a Out-of-bounds Write Vulnerability. Local attackers may exploit this vulnerability to cause integer…
CVE-2021-22422 — CVSS 7.8 (high): A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause…
CVE-2021-22421 — CVSS 7.8 (high): A component of the HarmonyOS has a Improper Privilege Management vulnerability. Local attackers may exploit this vulnerability to cause…
CVE-2025-46584 — CVSS 7.8 (high): Vulnerability of improper authentication logic implementation in the file system module Impact: Successful exploitation of this…
CVE-2025-58287 — CVSS 7.8 (high): Use After Free (UAF) vulnerability in the office service. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2022-41585 — CVSS 7.8 (high): The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting.
CVE-2022-41584 — CVSS 7.8 (high): The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting.
CVE-2022-41576 — CVSS 7.8 (high): The rphone module has a script that can be maliciously modified.Successful exploitation of this vulnerability may cause irreversible…
CVE-2025-68968 — CVSS 7.8 (high): Double free vulnerability in the multi-mode input module. Impact: Successful exploitation of this vulnerability may affect the input…
CVE-2024-57960 — CVSS 7.7 (high): Input verification vulnerability in the ExternalStorageProvider module Impact: Successful exploitation of this vulnerability may affect…