Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2021-22313

    There is a Security Function vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality.... Read more

    Affected Products : emui magic_ui
    • EPSS Score: %0.14
    • Published: Jun. 03, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-22312

    There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cau... Read more

    • EPSS Score: %0.19
    • Published: Apr. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2021-22311

    There is an improper permission assignment vulnerability in Huawei ManageOne product. Due to improper security hardening, the process can run with a higher privilege. Successful exploit could allow certain users to do certain operations with improper perm... Read more

    Affected Products : manageone
    • EPSS Score: %0.15
    • Published: Mar. 22, 2021
    • Modified: Nov. 21, 2024

  • 4.4

    MEDIUM
    CVE-2021-22310

    There is an information leakage vulnerability in some huawei products. Due to the properly storage of specific information in the log file, the attacker can obtain the information when a user logs in to the device. Successful exploit may cause an informat... Read more

    • EPSS Score: %0.03
    • Published: Mar. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-22309

    There is insecure algorithm vulnerability in Huawei products. A module uses less random input in a secure mechanism. Attackers can exploit this vulnerability by brute forcing to obtain sensitive message. This can lead to information leak. Affected product... Read more

    • EPSS Score: %0.15
    • Published: Mar. 22, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-22308

    There is a Business Logic Errors vulnerability in Huawei Smartphone. The malicious apps installed on the device can keep taking screenshots in the background. This issue does not cause system errors, but may cause personal information leakage.... Read more

    Affected Products : emui magic_ui
    • EPSS Score: %0.02
    • Published: Jun. 03, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22307

    There is a weak algorithm vulnerability in Mate 3010.0.0.203(C00E201R7P2). The protection is insufficient for the modules that should be protected. Local attackers can exploit this vulnerability to affect the integrity of certain module.... Read more

    Affected Products : mate_30_firmware mate_30
    • EPSS Score: %0.02
    • Published: Feb. 06, 2021
    • Modified: Nov. 21, 2024

  • 4.6

    MEDIUM
    CVE-2021-22306

    There is an out-of-bound read vulnerability in Mate 30 10.0.0.182(C00E180R6P2). A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cau... Read more

    Affected Products : mate_30_firmware mate_30
    • EPSS Score: %0.02
    • Published: Feb. 06, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-22305

    There is a buffer overflow vulnerability in Mate 30 10.1.0.126(C00E125R5P3). A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause ... Read more

    Affected Products : mate_30_firmware mate_30
    • EPSS Score: %0.03
    • Published: Feb. 06, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-22304

    There is a use after free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module may refer to some memory after it has been freed while dealing with some messages. Attackers can exploit this vulnerability by sending specific message to the affected m... Read more

    Affected Products : taurus-al00a_firmware taurus-al00a
    • EPSS Score: %0.03
    • Published: Feb. 06, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-22303

    There is a pointer double free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). There is a lack of muti-thread protection when a function is called. Attackers can exploit this vulnerability by performing malicious operation to cause pointer double free.... Read more

    Affected Products : taurus-al00a_firmware taurus-al00a
    • EPSS Score: %0.08
    • Published: Feb. 06, 2021
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2021-22302

    There is an out-of-bound read vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module does not verify the some input. Attackers can exploit this vulnerability by sending malicious input through specific app. This could cause out-of-bound, compromising... Read more

    Affected Products : taurus-al00a_firmware taurus-al00a
    • EPSS Score: %0.03
    • Published: Feb. 06, 2021
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2021-22301

    Mate 30 10.0.0.203(C00E201R7P2) have a buffer overflow vulnerability. After obtaining the root permission, an attacker can exploit the vulnerability to cause buffer overflow.... Read more

    Affected Products : mate_30_firmware mate_30
    • EPSS Score: %0.03
    • Published: Feb. 06, 2021
    • Modified: Nov. 21, 2024

  • 4.1

    MEDIUM
    CVE-2021-22300

    There is an information leak vulnerability in eCNS280_TD versions V100R005C00 and V100R005C10. A command does not have timeout exit mechanism. Temporary file contains sensitive information. This allows attackers to obtain information by inter-process acce... Read more

    Affected Products : ecns280_td_firmware ecns280_td
    • EPSS Score: %0.01
    • Published: Feb. 06, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-22299

    There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Affected... Read more

    • EPSS Score: %0.02
    • Published: Feb. 06, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-22298

    There is a logic vulnerability in Huawei Gauss100 OLTP Product. An attacker with certain permissions could perform specific SQL statement to exploit this vulnerability. Due to insufficient security design, successful exploit can cause service abnormal. Af... Read more

    Affected Products : manageone
    • EPSS Score: %0.18
    • Published: Feb. 06, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22296

    A component of HarmonyOS 2.0 has a DoS vulnerability. Local attackers may exploit this vulnerability to mount a file system to the target device, causing DoS of the file system.... Read more

    Affected Products : harmonyos
    • EPSS Score: %0.07
    • Published: Mar. 02, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22295

    A component of the HarmonyOS has a permission bypass vulnerability. Local attackers may exploit this vulnerability to cause the device to hang due to the page error OsVmPageFaultHandler.... Read more

    Affected Products : harmonyos
    • EPSS Score: %0.02
    • Published: Aug. 06, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-22294

    A component API of the HarmonyOS 2.0 has a permission bypass vulnerability. Local attackers may exploit this vulnerability to issue commands repeatedly, exhausting system service resources.... Read more

    Affected Products : harmonyos
    • EPSS Score: %0.02
    • Published: Mar. 02, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-22293

    Some Huawei products have an inconsistent interpretation of HTTP requests vulnerability. Attackers can exploit this vulnerability to cause information leak. Affected product versions include: CampusInsight versions V100R019C10; ManageOne versions 6.5.1.1,... Read more

    • EPSS Score: %0.13
    • Published: Feb. 06, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 290954 Results