Lucene search
K

1504 matches found

CVE
CVE
added 2026/03/16 7:10 a.m.8 views

CVE-2025-6969

OpenHarmony

5.5CVSS5.8AI score0.00148EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/16 7:10 a.m.26 views

CVE-2025-6969 ability_ability_runtime an improper input validation vulnerability

in OpenHarmony v5.1.0 and prior versions allow a local attacker cause DOS through improper input...

5CVSS0.00148EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/16 7:10 a.m.5 views

CVE-2025-6969

in OpenHarmony v5.1.0 and prior versions allow a local attacker cause DOS through improper input...

5CVSS5.8AI score0.00148EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/16 7:10 a.m.3 views

CVE-2025-6969 ability_ability_runtime an improper input validation vulnerability

in OpenHarmony v5.1.0 and prior versions allow a local attacker cause DOS through improper input...

5CVSS5.8AI score0.00148EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/16 7:10 a.m.27 views

CVE-2025-26474 communication_ipc an improper input validation vulnerability

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information improper input. This vulnerability can be exploited only in restricted scenarios...

3.3CVSS0.00138EPSS
Exploits0References1
CVE
CVE
added 2026/03/16 7:10 a.m.8 views

CVE-2025-26474

CVE-2025-26474 affects OpenHarmony v5.0.3 and earlier. The issue stems from improper input validation in the communication_ipc pathway, enabling a local attacker to cause information disclosure in restricted scenarios. CVSSv3.1 base score 3.3 (LOW) with LOCAL attack vector, LOW privileges require...

3.3CVSS5.8AI score0.00138EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/16 7:10 a.m.4 views

CVE-2025-52458

in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...

5.5CVSS6.3AI score0.0016EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/03/16 7:10 a.m.8 views

CVE-2025-52458

OpenHarmony is affected: OpenHarmony v5.1.0 and earlier contain an out-of-bounds write vulnerability that enables a local attacker to achieve arbitrary code execution in pre-installed apps, but details on exploit vectors, impacted components, and available fixes are not provided in the supplied d...

7.8CVSS6.3AI score0.0016EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/03/16 7:9 a.m.13 views

CVE-2025-41432

CVE-2025-41432 is an out-of-bounds write vulnerability affecting OpenHarmony up to v5.1.0. The issue is present in arkcompiler_ets_runtime and allows a local attacker to execute arbitrary code within pre-installed apps. The impact is described as high for confidentiality, integrity, and availabil...

7.8CVSS6.3AI score0.00172EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/16 7:9 a.m.6 views

CVE-2025-25277

in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through using incompatible type. This vulnerability can be exploited only in restricted scenarios...

6.3CVSS6.3AI score0.00151EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/03/16 7:9 a.m.27 views

CVE-2025-25277 arkcompiler_ets_runtime has a type confusion vulnerability

in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through using incompatible type. This vulnerability can be exploited only in restricted scenarios...

6.3CVSS0.00151EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/16 7:9 a.m.8 views

CVE-2025-25277 arkcompiler_ets_runtime has a type confusion vulnerability

in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through using incompatible type. This vulnerability can be exploited only in restricted scenarios...

6.3CVSS6.3AI score0.00151EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/16 7:9 a.m.2 views

CVE-2025-12736

in OpenHarmony v5.0.3 and prior versions allow a local attacker case sensitive information leak through use of uninitialized resource...

6.5CVSS5.8AI score0.00167EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/16 7:9 a.m.2 views

CVE-2025-12736 multimedia_audio_standard has an insecure storage of sensitive information vulnerability

in OpenHarmony v5.0.3 and prior versions allow a local attacker case sensitive information leak through use of uninitialized resource...

6.5CVSS5.8AI score0.00167EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/16 7:9 a.m.29 views

CVE-2025-12736 multimedia_audio_standard has an insecure storage of sensitive information vulnerability

in OpenHarmony v5.0.3 and prior versions allow a local attacker case sensitive information leak through use of uninitialized resource...

6.5CVSS0.00167EPSS
Exploits0References1
CVE
CVE
added 2026/03/16 7:9 a.m.10 views

CVE-2025-12736

CVE-2025-12736 affects the OpenHarmony platform, specifically the multimedia_audio_standard component in v5.0.3 and earlier. The root cause is the use of an uninitialized resource, which can enable a local attacker to obtain a case-sensitive leak of sensitive information. The provided metrics ind...

6.5CVSS5.8AI score0.00167EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/16 7:8 a.m.29 views

CVE-2026-0639 liteos_a has a missing release of memory vulnerability

in OpenHarmony v6.0 and prior versions allow a local attacker case DOS through missing release of memory...

3.3CVSS0.00155EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/16 7:8 a.m.3 views

CVE-2026-0639

in OpenHarmony v6.0 and prior versions allow a local attacker case DOS through missing release of memory...

3.3CVSS5.8AI score0.00155EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/03/16 7:8 a.m.10 views

CVE-2026-0639

OpenHarmony v6.0 and earlier are affected by a vulnerability where missing release of memory can be exploited locally to cause a denial of service. Impact is limited to availability (local attacker, low privileges, no user interaction). CVSS notes: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. No remediat...

5.5CVSS5.8AI score0.00155EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/16 7:8 a.m.5 views

CVE-2026-0639 liteos_a has a missing release of memory vulnerability

in OpenHarmony v6.0 and prior versions allow a local attacker case DOS through missing release of memory...

3.3CVSS5.8AI score0.00155EPSS
Exploits0References1
Rows per page
Query Builder