Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the project details API endpoint. An attacker can access sensitive repository credentials by using API tokens with project-level or project get permissions,...

SUSE CVE-2024-52284

Unauthorized disclosure of sensitive data: Any user with GET or LIST permissions on BundleDeployment resources could retrieve Helm values containing credentials or other secrets...

CVE-2025-27563

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission...

CVE-2025-27247

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission...

CVE-2025-26691

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission...

CVE-2025-27563

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission...

CVE-2025-26693

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission...

PT-2025-24361 · Unknown · Openharmony

Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 5.0.3 Description: The issue allows a local attacker to cause an information leak through the get permission. Recommendations: For versions prior to 5.0.3, update to a version that contains a fix for this issue. ...

CVE-2024-22177

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through get permission...

CVE-2024-22177 Audio has an improper preservation of permissions vulnerability

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through get permission...