VARIoT IoT vulnerabilities database
| VAR-202112-0237 | CVE-2021-37079 | Huawei Input validation vulnerability in smartphones |
CVSS V2: 6.4 CVSS V3: 9.1 Severity: CRITICAL |
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete arbitrary file by system_app permission. Huawei Smartphones contain a vulnerability related to input validation.Information is tampered with and service operation is interrupted (DoS) It may be in a state
| VAR-202112-0236 | CVE-2021-37080 | Huawei Incomplete Cleanup Vulnerability in Smartphones |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected. Huawei Smartphones contain an incomplete cleanup vulnerability.Service operation interruption (DoS) It may be in a state. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a resource management error vulnerability in Huawei HarmonyOS, which is caused by a component of the product not properly releasing resources. Vulnerabilities that can be exploited by an attacker affect availability
| VAR-202112-0235 | CVE-2021-37081 | Huawei Input validation vulnerability in smartphones |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to nearby crash. Huawei Smartphones contain a vulnerability related to input validation.Service operation interruption (DoS) It may be in a state. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system
| VAR-202112-0234 | CVE-2021-37082 | Huawei Race Condition Vulnerability in Smartphones |
CVSS V2: 4.3 CVSS V3: 5.9 Severity: MEDIUM |
There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to motionhub crash. Huawei Smartphones contain a race condition vulnerability.Service operation interruption (DoS) It may be in a state. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system
| VAR-202112-0233 | CVE-2021-37083 | Huawei in smartphone NULL Pointer dereference vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a NULL Pointer Dereference vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Denial of Service Attacks. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system
| VAR-202112-0231 | CVE-2021-37087 | Huawei Path Traversal Vulnerability in Smartphones |
CVSS V2: 6.4 CVSS V3: 9.1 Severity: CRITICAL |
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers can create arbitrary file. Huawei Smartphones have a path traversal vulnerability.Information may be obtained and information may be tampered with
| VAR-202112-0232 | CVE-2021-37086 | Huawei Vulnerability related to improper retention of permissions in smartphone products |
CVSS V2: 5.0 CVSS V3: 8.6 Severity: HIGH |
There is a Improper Preservation of Permissions vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers which can isolate and read synchronization files of other applications across the UID sandbox. Huawei A vulnerability related to improper retention of permissions exists in smartphone products.Information may be obtained. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS
| VAR-202112-0230 | CVE-2021-37088 | Huawei Path Traversal Vulnerability in Smartphones |
CVSS V2: 6.4 CVSS V3: 9.1 Severity: CRITICAL |
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers can write any content to any file. Huawei Smartphones have a path traversal vulnerability.Information may be obtained and information may be tampered with. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. Huawei HarmonyOS has security vulnerabilities
| VAR-202112-0229 | CVE-2021-37089 | Huawei Incomplete Cleanup Vulnerability in Smartphone Products |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to kernel restart. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system
| VAR-202112-0228 | CVE-2021-37090 | Huawei Out-of-bounds reading vulnerability in smartphone products |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash. Huawei Smartphone products contain an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. Huawei HarmonyOS has security vulnerabilities
| VAR-202112-0227 | CVE-2021-37091 | Huawei Vulnerabilities in smartphone products |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a Permissions,Privileges,and Access Controls vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected. Huawei Smartphone products have unspecified vulnerabilities.Information may be obtained. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There are security vulnerabilities in HUAWEI HarmonyOS, which can be exploited by attackers to affect confidentiality
| VAR-202112-0226 | CVE-2021-37094 | Huawei Input validation vulnerability in smartphones |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system denial of service. Huawei Smartphones contain a vulnerability related to input validation.Service operation interruption (DoS) It may be in a state. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. The vulnerability is caused by a component of the product not validly validating the data
| VAR-202112-0225 | CVE-2021-37095 | Huawei Integer overflow vulnerability in smartphones |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to remote denial of service and potential remote code execution. Huawei Smartphones contain an integer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in Huawei HarmonyOS, which is caused by a component of the product that fails to effectively verify integer data
| VAR-202112-0224 | CVE-2021-37096 | HarmonyOS Input verification vulnerability in |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to user privacy disclosed. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There are security vulnerabilities in Huawei HarmonyOS, which can be exploited by attackers to leak user privacy
| VAR-202112-0223 | CVE-2021-37099 | HarmonyOS Past traversal vulnerability in |
CVSS V2: 6.4 CVSS V3: 9.1 Severity: CRITICAL |
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete any file. HarmonyOS Exists in a past traversal vulnerability.Information is tampered with and service operation is interrupted (DoS) It may be in a state. Huawei HarmonyOS is China's Huawei ( Huawei ) company's operating system. Provide a microkernel-based full-scenario distributed operating system
| VAR-202112-0222 | CVE-2021-37100 | Huawei Authentication Vulnerability in Smartphones |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a Improper Authentication vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to account authentication bypassed. Huawei Smartphones have an authentication vulnerability.Information may be obtained. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in Huawei HarmonyOS, which is caused by a component of the product that does not effectively authenticate user identities
| VAR-202109-1959 | CVE-2021-22319 | plural Huawei Integer overflow vulnerability in product |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause integer overflows. EMUI , HarmonyOS , Magic UI Exists in an integer overflow vulnerability.Service operation interruption (DoS) It may be in a state
| VAR-202109-1958 | CVE-2021-22480 | HarmonyOS Integer overflow vulnerability in |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
The interface of a certain HarmonyOS module has an integer overflow vulnerability. Successful exploitation of this vulnerability may lead to heap memory overflow. HarmonyOS Exists in an integer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202109-1957 | CVE-2021-22479 | HarmonyOS Buffer error vulnerability in module |
CVSS V2: 4.9 CVSS V3: 5.5 Severity: MEDIUM |
The interface of a certain HarmonyOS module has an invalid address access vulnerability. Successful exploitation of this vulnerability may lead to kernel crash. HarmonyOS The module contains a buffer error vulnerability.Service operation interruption (DoS) It may be in a state
| VAR-202109-1956 | CVE-2021-22478 | HarmonyOS Module Use of Freed Memory Vulnerability |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
The interface of a certain HarmonyOS module has a UAF vulnerability. Successful exploitation of this vulnerability may lead to information leakage. HarmonyOS The module contains a usage of freed memory vulnerability.Information may be obtained