| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The rphone module has a script that can be maliciously modified.Successful exploitation of this vulnerability may cause irreversible programs to be implanted on user devices. |
| The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. |
| Deserialization mismatch vulnerability in the DSoftBus module
Impact: Successful exploitation of this vulnerability may affect service integrity. |
| Access control vulnerability in the security verification module
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. |
| Access control vulnerability in the security verification module
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. |
| Access control vulnerability in the security verification module
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. |
| Access control vulnerability in the security verification module
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. |
| Access control vulnerability in the security verification module
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. |
| Missing parameter type validation in the DRM module. Successful exploitation of this vulnerability may affect availability.
|
| The kernel module has the vulnerability that the mapping is not cleared after the memory is automatically released. Successful exploitation of this vulnerability may cause a system restart. |
| The memory management module has the logic bypass vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. |
| The DRM module has a vulnerability in verifying the secure memory attributes. Successful exploitation of this vulnerability may cause abnormal video playback. |
| The Display Service module has a UAF vulnerability. Successful exploitation of this vulnerability may affect the display service availability. |
| There is a race condition vulnerability in SD upgrade mode. Successful exploitation of this vulnerability may affect data confidentiality. |
| The system framework layer has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. |
| The lock screen module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability. |
| The iaware module has a vulnerability in thread security. Successful exploitation of this vulnerability will affect confidentiality, integrity, and availability. |
| The graphics display module has a UAF vulnerability when traversing graphic layers. Successful exploitation of this vulnerability may affect system availability. |
| The LBS module has a vulnerability in geofencing API access. Successful exploitation of this vulnerability may cause third-party apps to access the geofencing APIs without authorization, affecting user confidentiality. |
| There is a vulnerability in permission verification during the Bluetooth pairing process. Successful exploitation of this vulnerability may cause the dialog box for confirming the pairing not to be displayed during Bluetooth pairing. |
