4328 matches found
EUVD-2026-12835
OpenClaw vulnerable to Unauthenticated Local RCE via WebSocket config.apply...
EulerOS Virtualization 2.12.0 : icu (EulerOS-SA-2026-1488)
According to the versions of the icu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: A stack buffer overflow was found in International Components for Unicode (ICU). While running the genrb binary, the 'subtag' struct...
EulerOS Virtualization 2.12.1 : edk2 (EulerOS-SA-2026-1471)
According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful...
EUVD-2025-208681
OpenHarmony v5.1.0 and prior versions allow a local attacker to achieve arbitrary code execution in pre-installed apps through an out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...
CVE-2025-52458
OpenHarmony v5.1.0 and prior versions allow a local attacker to achieve arbitrary code execution in pre-installed apps through an out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...
CVE-2025-41432
OpenHarmony v5.1.0 and prior versions allow a local attacker to achieve arbitrary code execution in pre-installed apps through an out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...
CVE-2025-52458
OpenHarmony is affected: OpenHarmony v5.1.0 and earlier contain an out-of-bounds write vulnerability that enables a local attacker to achieve arbitrary code execution in pre-installed apps, but details on exploit vectors, impacted components, and available fixes are not provided in the supplied d...
CVE-2025-52458 arkcompiler_ets_runtime has an out-of-bounds write vulnerability
OpenHarmony v5.1.0 and prior versions allow a local attacker to achieve arbitrary code execution in pre-installed apps through an out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...
CVE-2025-41432 arkcompiler_ets_runtime has an out-of-bounds write vulnerability
OpenHarmony v5.1.0 and prior versions allow a local attacker to achieve arbitrary code execution in pre-installed apps through an out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...
CVE-2025-25277
OpenHarmony v5.1.0 and prior versions allow a local attacker to achieve arbitrary code execution in pre-installed apps through the use of an incompatible type. This vulnerability can be exploited only in restricted scenarios...
CVE-2025-25277 arkcompiler_ets_runtime has a type confusion vulnerability
OpenHarmony v5.1.0 and prior versions allow a local attacker to achieve arbitrary code execution in pre-installed apps through the use of an incompatible type. This vulnerability can be exploited only in restricted scenarios...
CVE-2025-25277
OpenHarmony CVE-2025-25277 describes a local code execution vulnerability in OpenHarmony v5.1.0 and earlier, caused by a type confusion in arkcompiler_ets_runtime that can be triggered by using an incompatible type in pre-installed apps. Affected components are not enumerated beyond the arkcompil...
Serviio PRO Code Issue Vulnerability
Serviio PRO is a multimedia streaming server software developed by the British company Serviio. Version 1.8 of Serviio PRO contains a code vulnerability. This vulnerability stems from improper search paths and directory permissions in Windows services, which may allow local users to execute...
OpenHarmony Security Vulnerability
OpenHarmony is an open-source project for a Harmony operating system developed by the OpenAtom Foundation in China. OpenHarmony v5.1.0 and earlier versions have security vulnerabilities. These vulnerabilities stem from the use of incompatible types, which may allow local attackers to execute...
Incorrect Authorization
Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Incorrect Authorization via system.run. An attacker can execute unauthorized local code by obtaining approval for a benign script-runner command, then rewriting the referenced script ...
GHSA-RW39-5899-8MXP OpenClaw: Node-host approvals could show misleading shell payloads instead of the executed argv
Summary: In affected versions of openclaw, node-host system.run approvals could display only an extracted shell payload such as jq --version while execution still ran a different outer wrapper argv such as ./env sh -c 'jq --version'. Impact: This is an approval-integrity bug. An attacker who could...