VARIoT IoT vulnerabilities database
| VAR-202110-1475 | CVE-2021-37002 | Huawei Buffer Error Vulnerability in Smartphones |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
There is a Memory out-of-bounds access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause malicious code to be executed. Huawei Smartphones contain a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202110-1460 | CVE-2021-22451 | HarmonyOS Integer overflow vulnerability in |
CVSS V2: 4.6 CVSS V3: 7.8 Severity: HIGH |
A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting. HarmonyOS Exists in an integer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202110-1459 | CVE-2021-22454 | HarmonyOS Vulnerability in leaking resources to the wrong area in |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause core dump. HarmonyOS Exists in a vulnerability related to the leakage of resources to the wrong area.Service operation interruption (DoS) It may be in a state
| VAR-202110-1458 | CVE-2021-22461 | HarmonyOS Vulnerability in resource allocation without restrictions or throttling in |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
A component of the HarmonyOS has a Allocation of Resources Without Limits or Throttling vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash
| VAR-202110-1456 | CVE-2021-22463 | HarmonyOS Vulnerability in using free memory in |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
A component of the HarmonyOS has a Use After Free vulnerability . Local attackers may exploit this vulnerability to cause Kernel Information disclosure
| VAR-202110-1457 | CVE-2021-22462 | HarmonyOS In NULL Pointer dereference vulnerability |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause kernel crash
| VAR-202110-1455 | CVE-2021-22464 | HarmonyOS Out-of-bounds read vulnerability in |
CVSS V2: 4.6 CVSS V3: 3.3 Severity: LOW |
A component of the HarmonyOS has a Out-of-bounds Read vulnerability. Local attackers may exploit this vulnerability to cause system Soft Restart. HarmonyOS Exists in an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state
| VAR-202110-1454 | CVE-2021-22465 | HarmonyOS Out-of-bounds write vulnerability in |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
A component of the HarmonyOS has a Heap-based Buffer Overflow vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable. HarmonyOS Exists in an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state
| VAR-202110-1453 | CVE-2021-22466 | HarmonyOS Vulnerability in using free memory in |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
A component of the HarmonyOS has a Use After Free vulnerability. Local attackers may exploit this vulnerability to cause kernel crash. HarmonyOS Exists in a vulnerability related to the use of freed memory.Service operation interruption (DoS) It may be in a state
| VAR-202110-1452 | CVE-2021-22467 | HarmonyOS Input verification vulnerability in |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address
| VAR-202110-1451 | CVE-2021-22468 | HarmonyOS Vulnerability in leaking resources to the wrong area in |
CVSS V2: 2.1 CVSS V3: 3.3 Severity: LOW |
A component of the HarmonyOS has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability. Local attackers may exploit this vulnerability to cause kernel address leakage. HarmonyOS Exists in a vulnerability related to the leakage of resources to the wrong area.Information may be obtained
| VAR-202110-1450 | CVE-2021-22469 | HarmonyOS Out-of-bounds read vulnerability in |
CVSS V2: 3.6 CVSS V3: 7.1 Severity: HIGH |
A component of the HarmonyOS has a Out-of-bounds Read vulnerability. Local attackers may exploit this vulnerability to cause kernel out-of-bounds read. HarmonyOS Exists in an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be in a state
| VAR-202110-1449 | CVE-2021-22470 | HarmonyOS Vulnerability in |
CVSS V2: 4.6 CVSS V3: 7.8 Severity: HIGH |
A component of the HarmonyOS has a Privileges Controls vulnerability. Local attackers may exploit this vulnerability to expand the Recording Trusted Domain. HarmonyOS Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202110-1447 | CVE-2021-36989 | Huawei Improper Default Permission Vulnerability in Smartphones |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
There is a Kernel crash vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions. Huawei Smartphones are vulnerable to improper default permissions.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202110-1448 | CVE-2021-22471 | HarmonyOS In NULL Pointer dereference vulnerability |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash
| VAR-202110-1443 | CVE-2021-22407 | Huawei Vulnerabilities in smartphones |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. Huawei Smartphones have unspecified vulnerabilities.Information may be obtained
| VAR-202110-1442 | CVE-2021-22450 | HarmonyOS Incomplete Cleanup Vulnerability in |
CVSS V2: 4.9 CVSS V3: 5.5 Severity: MEDIUM |
A component of the HarmonyOS has a Incomplete Cleanup vulnerability. Local attackers may exploit this vulnerability to cause memory exhaustion. HarmonyOS contains an incomplete cleanup vulnerability.Service operation interruption (DoS) It may be in a state
| VAR-202110-1435 | CVE-2021-22455 | HarmonyOS Integer overflow vulnerability in |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause the memory which is not released. HarmonyOS Exists in an integer overflow vulnerability.Service operation interruption (DoS) It may be in a state
| VAR-202110-1434 | CVE-2021-22456 | HarmonyOS Vulnerability in |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable. HarmonyOS Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state
| VAR-202110-1432 | CVE-2021-22459 | HarmonyOS In NULL Pointer dereference vulnerability |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause System functions which are unavailable