Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2021-40026

    There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.... Read more

    Affected Products : emui harmonyos magic_ui
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-40025

    The eID module has a vulnerability that causes the memory to be used without being initialized,Successful exploitation of this vulnerability may affect data confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-40024

    Implementation of the WLAN module interfaces has the information disclosure vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.... Read more

    Affected Products : emui harmonyos
    • Published: Sep. 16, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-40023

    Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality.... Read more

    Affected Products : emui
    • Published: Sep. 16, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-40022

    The weaver module has a vulnerability in parameter type verification,Successful exploitation of this vulnerability may affect data confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-40021

    The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-40020

    There is an Out-of-bounds array read vulnerability in the security storage module in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : emui magic_ui
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2021-40019

    Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access.... Read more

    Affected Products : emui magic_ui
    • Published: Sep. 16, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-40018

    The eID module has a null pointer reference vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-40017

    The HW_KEYMASTER module lacks the validity check of the key format. Successful exploitation of this vulnerability may result in out-of-bounds memory access.... Read more

    Affected Products : emui harmonyos
    • Published: Sep. 16, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-40016

    Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality.... Read more

    Affected Products : emui magic_ui
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 4.7

    MEDIUM
    CVE-2021-40015

    There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability.... Read more

    Affected Products : emui harmonyos magic_ui
    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-40014

    The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. ... Read more

    Affected Products : emui harmonyos
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-40013

    Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect integrity.... Read more

    Affected Products : emui magic_ui
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-40012

    Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality.... Read more

    Affected Products : emui harmonyos magic_ui
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-40011

    There is an uncontrolled resource consumption vulnerability in the display module. Successful exploitation of this vulnerability may affect integrity.... Read more

    Affected Products : emui harmonyos magic_ui
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-40010

    The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution.... Read more

    Affected Products : emui harmonyos magic_ui
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-40009

    There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.... Read more

    Affected Products : emui harmonyos magic_ui
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-40008

    There is a memory leak vulnerability in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 and CloudEngine 7800 V200R019C00SPC800. The software does not sufficiently track and release allocated memo... Read more

    • Published: Dec. 13, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-40007

    There is an information leak vulnerability in eCNS280_TD V100R005C10SPC650. The vulnerability is caused by improper log output management. An attacker with the ability to access the log file of device may lead to information disclosure.... Read more

    Affected Products : ecns280_td_firmware ecns280_td
    • Published: Dec. 13, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 293299 Results