30 matches found
CVE-2026-0639
OpenHarmony v6.0 and earlier are affected by a vulnerability where missing release of memory can be exploited locally to cause a denial of service. Impact is limited to availability (local attacker, low privileges, no user interaction). CVSS notes: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. No remediat...
CVE-2025-27128 liteos_a has an UAF vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free...
CVE-2025-25278 liteos_a has a race condition vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition...
CVE-2025-27577 liteos_a has a race condition vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition...
CVE-2025-22851 Liteos_A has an integer overflow vulnerability
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow...
CVE-2025-0304 Liteos_a has an use after free vulnerability
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free...
CVE-2025-0302 Liteos_a has an integer overflow read vulnerability
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through integer overflow...
CVE-2024-47398
The CVE-2024-47398 entry affects OpenHarmony v4.1.2 and earlier. It is an out-of-bounds write vulnerability that a local attacker can trigger to cause the device to fail to boot. Connected sources do not provide exploit details or a remediation in the supplied documents.
CVE-2024-45070
CVE-2024-45070 affects OpenHarmony (v4.1.2 and earlier). The vulnerability is an out-of-bounds read that enables a local attacker to cause an information leak. The description specifies a local-attack scenario and a confidentiality impact (high in CVSS) without indicating remote code execution. C...
CVE-2024-45070 Liteos_a has an out-of-bounds read vulnerability
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause information leak through out-of-bounds Read...
CVE-2024-9978 Liteos_a has an out-of-bounds read vulnerability
in OpenHarmony v4.1.1 and prior versions allow a local attacker cause information leak through out-of-bounds Read...
CVE-2024-9978 Liteos_a has an out-of-bounds read vulnerability
in OpenHarmony v4.1.1 and prior versions allow a local attacker cause information leak through out-of-bounds Read...
CVE-2024-10074 Liteos_a has an use after free vulnerability
in OpenHarmony v4.1.1 and prior versions allow a local attacker cause the common permission is upgraded to root through use after free...
CVE-2024-47402 Liteos_a has an Out-of-bounds Read vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through out-of-bounds read...
CVE-2024-47402 Liteos_a has an Out-of-bounds Read vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through out-of-bounds read...
CVE-2024-47137 Liteos_a has an out-of-bounds Write vulnerability
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write...
CVE-2024-47137 Liteos_a has an out-of-bounds Write vulnerability
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write...
CVE-2024-47404 Liteos_a has a double free vulnerability
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through double free...
CVE-2024-47404 Liteos_a has a double free vulnerability
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through double free...
CVE-2024-45382
The CVE-2024-45382 entry concerns OpenHarmony v4.1.0 and earlier. A local attacker can cause a denial-of-service via an out-of-bounds write in the affected component/function (root cause described as an out-of-bounds write). Public sources consolidate this vulnerability as local with low privileg...