Lucene search
K

479 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/15 2:19 p.m.10 views

Malicious code in @pnc-ref/harmony-core-v18 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9af3593ce67756288a2b5c3d0b337f86b5dc510085895bc2d8f76629a79a350 The package @pnc-ref/harmony-core-v18 was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.7 views

Huawei EMUI和Huawei HarmonyOS 安全漏洞

Huawei EMUI and Huawei HarmonyOS are both products of the Chinese company Huawei. Huawei EMUI is a mobile operating system developed based on Android. Huawei HarmonyOS is an operating system that provides a full-scenario distributed operating system based on a microkernel. There are security...

7.5CVSS5.8AI score0.00139EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.8 views

CVE-2025-26474

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information improper input. This vulnerability can be exploited only in restricted scenarios...

3.3CVSS5.8AI score0.00138EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/16 7:10 a.m.5 views

CVE-2025-26474 communication_ipc an improper input validation vulnerability

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information improper input. This vulnerability can be exploited only in restricted scenarios...

3.3CVSS5.8AI score0.00138EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/16 7:10 a.m.6 views

CVE-2025-26474

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information improper input. This vulnerability can be exploited only in restricted scenarios...

3.3CVSS5.8AI score0.00138EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/03/16 7:10 a.m.29 views

CVE-2025-52458 arkcompiler_ets_runtime has an out-of-bounds write vulnerability

in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...

5.5CVSS0.0016EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/16 7:10 a.m.6 views

CVE-2025-52458 arkcompiler_ets_runtime has an out-of-bounds write vulnerability

in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...

5.5CVSS6.3AI score0.0016EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/16 7:9 a.m.5 views

CVE-2025-41432

in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...

5.5CVSS6.3AI score0.00172EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/16 7:9 a.m.10 views

CVE-2025-41432 arkcompiler_ets_runtime has an out-of-bounds write vulnerability

in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...

5.5CVSS6.3AI score0.00172EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/16 7:9 a.m.31 views

CVE-2025-41432 arkcompiler_ets_runtime has an out-of-bounds write vulnerability

in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...

5.5CVSS0.00172EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.7 views

OpenHarmony 安全漏洞

OpenHarmony is an open-source project for a Harmony operating system developed by the OpenAtom Foundation in China. Versions of OpenHarmony prior to v5.0.3 contain security vulnerabilities. These vulnerabilities stem from the use of uninitialized resources, which may allow local attackers to expo...

6.5CVSS5.8AI score0.00167EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/08 2:32 a.m.32 views

CVE-2026-2131 XixianLiang HarmonyOS-mcp-server input_text os command injection

A vulnerability was identified in XixianLiang HarmonyOS-mcp-server 0.1.0. This vulnerability affects the function inputtext. The manipulation of the argument text leads to os command injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used...

6.5CVSS0.15052EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/02/06 12:0 a.m.6 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system developed by Chinese company Huawei. It is a full-scenario distributed operating system based on a microkernel architecture. There is a security vulnerability in Huawei HarmonyOS, which stems from a concurrency issue in the graphical module’s reutilization...

8.4CVSS7.1AI score0.00066EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/15 3:15 p.m.6 views

CVE-2025-9142

A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory...

7.5CVSS6.7AI score0.00072EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/14 2:30 p.m.33 views

CVE-2025-9142 Local privilege escalation in Harmony SASE Windows Agent

A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory...

7.5CVSS0.00072EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/14 2:30 p.m.3 views

CVE-2025-9142

A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory...

7.5CVSS5.5AI score0.00072EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/01/14 2:30 p.m.16 views

CVE-2025-9142

CVE-2025-9142 concerns Harmony SASE Windows Client. Local users can trigger the client to write or delete files outside the intended certificate working directory due to insufficient validation in certificate processing before privileged service use. Symptoms described by Check Point indicate exp...

7.5CVSS6.3AI score0.00072EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/14 2:30 p.m.3 views

CVE-2025-9142 Local privilege escalation in Harmony SASE Windows Agent

A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory...

7.5CVSS6.3AI score0.00072EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.6 views

Check Point Harmony SASE 安全漏洞

Check Point Harmony SASE is a Secure Access Service edge application from Check Point Israel. A security vulnerability exists in Check Point Harmony SASE that originates when a local user can trigger a client to write or delete files outside of the expected certificate working directory...

7.5CVSS6.5AI score0.00072EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/14 12:0 a.m.12 views

PT-2026-2858

Name of the Vulnerable Software and Affected Versions Harmony SASE Windows client affected versions not specified Description A local user can trigger the software to write or delete files outside the intended certificate working directory. Recommendations At the moment, there is no information...

7.5CVSS5.9AI score0.00072EPSS
Exploits0References6
Rows per page
Query Builder