479 matches found
Malicious code in @pnc-ref/harmony-core-v18 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9af3593ce67756288a2b5c3d0b337f86b5dc510085895bc2d8f76629a79a350 The package @pnc-ref/harmony-core-v18 was found to contain malicious code. Source: ghsa-malware...
Huawei EMUI和Huawei HarmonyOS 安全漏洞
Huawei EMUI and Huawei HarmonyOS are both products of the Chinese company Huawei. Huawei EMUI is a mobile operating system developed based on Android. Huawei HarmonyOS is an operating system that provides a full-scenario distributed operating system based on a microkernel. There are security...
CVE-2025-26474
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information improper input. This vulnerability can be exploited only in restricted scenarios...
CVE-2025-26474 communication_ipc an improper input validation vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information improper input. This vulnerability can be exploited only in restricted scenarios...
CVE-2025-26474
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information improper input. This vulnerability can be exploited only in restricted scenarios...
CVE-2025-52458 arkcompiler_ets_runtime has an out-of-bounds write vulnerability
in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...
CVE-2025-52458 arkcompiler_ets_runtime has an out-of-bounds write vulnerability
in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...
CVE-2025-41432
in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...
CVE-2025-41432 arkcompiler_ets_runtime has an out-of-bounds write vulnerability
in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...
CVE-2025-41432 arkcompiler_ets_runtime has an out-of-bounds write vulnerability
in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...
OpenHarmony 安全漏洞
OpenHarmony is an open-source project for a Harmony operating system developed by the OpenAtom Foundation in China. Versions of OpenHarmony prior to v5.0.3 contain security vulnerabilities. These vulnerabilities stem from the use of uninitialized resources, which may allow local attackers to expo...
CVE-2026-2131 XixianLiang HarmonyOS-mcp-server input_text os command injection
A vulnerability was identified in XixianLiang HarmonyOS-mcp-server 0.1.0. This vulnerability affects the function inputtext. The manipulation of the argument text leads to os command injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system developed by Chinese company Huawei. It is a full-scenario distributed operating system based on a microkernel architecture. There is a security vulnerability in Huawei HarmonyOS, which stems from a concurrency issue in the graphical module’s reutilization...
CVE-2025-9142
A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory...
CVE-2025-9142 Local privilege escalation in Harmony SASE Windows Agent
A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory...
CVE-2025-9142
A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory...
CVE-2025-9142
CVE-2025-9142 concerns Harmony SASE Windows Client. Local users can trigger the client to write or delete files outside the intended certificate working directory due to insufficient validation in certificate processing before privileged service use. Symptoms described by Check Point indicate exp...
CVE-2025-9142 Local privilege escalation in Harmony SASE Windows Agent
A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory...
Check Point Harmony SASE 安全漏洞
Check Point Harmony SASE is a Secure Access Service edge application from Check Point Israel. A security vulnerability exists in Check Point Harmony SASE that originates when a local user can trigger a client to write or delete files outside of the expected certificate working directory...
PT-2026-2858
Name of the Vulnerable Software and Affected Versions Harmony SASE Windows client affected versions not specified Description A local user can trigger the software to write or delete files outside the intended certificate working directory. Recommendations At the moment, there is no information...