Harmonyos Security Vulnerabilities
The bundle management module lacks permission verification in some APIs. Successful exploitation of this vulnerability may restore the pre-installed apps that have been...
7.5CVSS
7.5AI Score
0.001EPSS
The IHwAntiMalPlugin interface lacks permission verification. Successful exploitation of this vulnerability can lead to filling problems (batch installation of...
7.5CVSS
7.5AI Score
0.001EPSS
The geofencing kernel code does not verify the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory...
7.5CVSS
7.5AI Score
0.001EPSS
The SystemUI has a vulnerability in permission management. Successful exploitation of this vulnerability may cause users to receive broadcasts from malicious apps, conveying false alarm information about external storage...
5.3CVSS
5.1AI Score
0.001EPSS
The geofencing kernel code has a vulnerability of not verifying the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory...
7.5CVSS
7.5AI Score
0.001EPSS
The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.6AI Score
0.001EPSS
The Bluetooth module has an out-of-memory (OOM) vulnerability. Successful exploitation of this vulnerability may affect data...
6.5CVSS
6.5AI Score
0.001EPSS
The IHwAttestationService interface has a defect in authentication. Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.5AI Score
0.001EPSS
The Bluetooth module has an OOM vulnerability. Successful exploitation of this vulnerability may affect data...
6.5CVSS
6.5AI Score
0.001EPSS
The phone-PC collaboration module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect data confidentiality and...
9.1CVSS
9.1AI Score
0.001EPSS
The bundle management module lacks authentication and control mechanisms in some APIs. Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.6AI Score
0.001EPSS
The bundle management module lacks authentication and control mechanisms in some APIs. Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.6AI Score
0.001EPSS
The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.5AI Score
0.001EPSS
The multi-screen collaboration module has a privilege escalation vulnerability. Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.7AI Score
0.001EPSS
The DMSDP module of the distributed hardware has a vulnerability that may cause imposter control connections.Successful exploitation of this vulnerability may disconnect normal service...
7.5CVSS
7.5AI Score
0.001EPSS
The DUBAI module has a double free vulnerability. Successful exploitation of this vulnerability may affect system...
7.5CVSS
7.5AI Score
0.001EPSS
The Bluetooth AVRCP module has a vulnerability that can lead to DoS attacks.Successful exploitation of this vulnerability may cause the Bluetooth process to...
6.5CVSS
6.4AI Score
0.001EPSS
The memory management module has a logic bypass vulnerability.Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.5AI Score
0.001EPSS
The HW_KEYMASTER module has a problem in releasing memory.Successful exploitation of this vulnerability may result in out-of-bounds memory...
7.5CVSS
7.5AI Score
0.001EPSS
The system has a vulnerability that may cause dynamic hiding and restoring of app icons.Successful exploitation of this vulnerability may cause malicious hiding of app...
7.5CVSS
7.5AI Score
0.001EPSS
The HW_KEYMASTER module has a problem in releasing memory.Successful exploitation of this vulnerability may result in out-of-bounds memory...
7.5CVSS
7.5AI Score
0.001EPSS
Some smartphones have authentication-related (including session management) vulnerabilities as the setup wizard is bypassed. Successful exploitation of this vulnerability affects the smartphone...
5.5CVSS
5.7AI Score
0.0004EPSS
The HAware module has a function logic error. Successful exploitation of this vulnerability will affect the account removal function in...
5.3CVSS
5.3AI Score
0.001EPSS
The Wi-Fi module has a vulnerability in permission verification. Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.5AI Score
0.002EPSS
Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause privilege escalation, which results in system service...
9.8CVSS
9.3AI Score
0.002EPSS
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service...
9.8CVSS
9.4AI Score
0.002EPSS
The multi-screen collaboration module has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.5AI Score
0.001EPSS
The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability causes unauthorized access to other system...
7.5CVSS
7.4AI Score
0.002EPSS
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service...
9.8CVSS
9.4AI Score
0.002EPSS
The IPC module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system...
7.5CVSS
7.5AI Score
0.001EPSS
Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service...
9.8CVSS
9.4AI Score
0.002EPSS
The TelephonyProvider module has a vulnerability in obtaining values.Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.5AI Score
0.001EPSS
The application management module has a vulnerability in permission verification. Successful exploitation of this vulnerability causes unexpected clear of device...
7.5CVSS
7.4AI Score
0.001EPSS
The contacts component has a free (undefined) provider vulnerability. Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.5AI Score
0.001EPSS
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service...
7.5CVSS
7.6AI Score
0.001EPSS
The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system...
7.5CVSS
7.5AI Score
0.001EPSS
The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone's camera and...
5.3CVSS
5.5AI Score
0.001EPSS
The system service has a vulnerability that causes incorrect return values. Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.5AI Score
0.002EPSS
Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service...
9.8CVSS
9.4AI Score
0.002EPSS
A thread security vulnerability exists in the authentication process. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and...
9.8CVSS
9.5AI Score
0.002EPSS
Fingerprint calibration has a vulnerability of lacking boundary judgment. Successful exploitation of this vulnerability may cause out-of-bounds...
9.8CVSS
9.3AI Score
0.002EPSS
The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system...
7.5CVSS
7.5AI Score
0.001EPSS
The kernel module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may cause memory...
9.8CVSS
9.2AI Score
0.002EPSS
Some smartphones have the input validation vulnerability. Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.5AI Score
0.002EPSS
The system tool has inconsistent serialization and deserialization. Successful exploitation of this vulnerability will cause unauthorized startup of...
7.5CVSS
7.5AI Score
0.001EPSS
The DRM module has a vulnerability in verifying the secure memory attributes. Successful exploitation of this vulnerability may cause abnormal video...
9.8CVSS
9.3AI Score
0.002EPSS
The Display Service module has a UAF vulnerability. Successful exploitation of this vulnerability may affect the display service...
7.5CVSS
7.5AI Score
0.001EPSS
There is a vulnerability in permission verification during the Bluetooth pairing process. Successful exploitation of this vulnerability may cause the dialog box for confirming the pairing not to be displayed during Bluetooth...
4.3CVSS
4.6AI Score
0.001EPSS
The LBS module has a vulnerability in geofencing API access. Successful exploitation of this vulnerability may cause third-party apps to access the geofencing APIs without authorization, affecting user...
7.5CVSS
7.4AI Score
0.002EPSS
The power module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause abnormal status of a module on the...
7.5CVSS
7.4AI Score
0.001EPSS