1504 matches found
CVE-2025-6969
OpenHarmony
CVE-2025-6969 ability_ability_runtime an improper input validation vulnerability
in OpenHarmony v5.1.0 and prior versions allow a local attacker cause DOS through improper input...
CVE-2025-6969
in OpenHarmony v5.1.0 and prior versions allow a local attacker cause DOS through improper input...
CVE-2025-6969 ability_ability_runtime an improper input validation vulnerability
in OpenHarmony v5.1.0 and prior versions allow a local attacker cause DOS through improper input...
CVE-2025-26474 communication_ipc an improper input validation vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information improper input. This vulnerability can be exploited only in restricted scenarios...
CVE-2025-26474
CVE-2025-26474 affects OpenHarmony v5.0.3 and earlier. The issue stems from improper input validation in the communication_ipc pathway, enabling a local attacker to cause information disclosure in restricted scenarios. CVSSv3.1 base score 3.3 (LOW) with LOCAL attack vector, LOW privileges require...
CVE-2025-52458
in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...
CVE-2025-52458
OpenHarmony is affected: OpenHarmony v5.1.0 and earlier contain an out-of-bounds write vulnerability that enables a local attacker to achieve arbitrary code execution in pre-installed apps, but details on exploit vectors, impacted components, and available fixes are not provided in the supplied d...
CVE-2025-41432
CVE-2025-41432 is an out-of-bounds write vulnerability affecting OpenHarmony up to v5.1.0. The issue is present in arkcompiler_ets_runtime and allows a local attacker to execute arbitrary code within pre-installed apps. The impact is described as high for confidentiality, integrity, and availabil...
CVE-2025-25277
in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through using incompatible type. This vulnerability can be exploited only in restricted scenarios...
CVE-2025-25277 arkcompiler_ets_runtime has a type confusion vulnerability
in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through using incompatible type. This vulnerability can be exploited only in restricted scenarios...
CVE-2025-25277 arkcompiler_ets_runtime has a type confusion vulnerability
in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through using incompatible type. This vulnerability can be exploited only in restricted scenarios...
CVE-2025-12736
in OpenHarmony v5.0.3 and prior versions allow a local attacker case sensitive information leak through use of uninitialized resource...
CVE-2025-12736 multimedia_audio_standard has an insecure storage of sensitive information vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker case sensitive information leak through use of uninitialized resource...
CVE-2025-12736 multimedia_audio_standard has an insecure storage of sensitive information vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker case sensitive information leak through use of uninitialized resource...
CVE-2025-12736
CVE-2025-12736 affects the OpenHarmony platform, specifically the multimedia_audio_standard component in v5.0.3 and earlier. The root cause is the use of an uninitialized resource, which can enable a local attacker to obtain a case-sensitive leak of sensitive information. The provided metrics ind...
CVE-2026-0639 liteos_a has a missing release of memory vulnerability
in OpenHarmony v6.0 and prior versions allow a local attacker case DOS through missing release of memory...
CVE-2026-0639
in OpenHarmony v6.0 and prior versions allow a local attacker case DOS through missing release of memory...
CVE-2026-0639
OpenHarmony v6.0 and earlier are affected by a vulnerability where missing release of memory can be exploited locally to cause a denial of service. Impact is limited to availability (local attacker, low privileges, no user interaction). CVSS notes: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. No remediat...
CVE-2026-0639 liteos_a has a missing release of memory vulnerability
in OpenHarmony v6.0 and prior versions allow a local attacker case DOS through missing release of memory...