Harmonyos@5.0.0 Security Vulnerabilities and Issues — Harmonyos@5.0.0 CVE List

Lucene search

HuaweiHarmonyos5.0.0

102 matches found

CVE•added 2025/04/07 4:15 a.m.•59 views

CVE-2025-31174

Path traversal vulnerability in the DFS moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7.1AI score0.00035EPSS

CVE•added 2025/04/07 4:15 a.m.•57 views

CVE-2025-31170

Access control vulnerability in the security verification moduleImpact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

9.1CVSS7.2AI score0.00018EPSS

CVE•added 2025/04/07 4:15 a.m.•56 views

CVE-2025-31173

Memory write permission bypass vulnerability in the kernel futex moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

8.8CVSS7.1AI score0.00008EPSS

CVE•added 2025/04/07 4:15 a.m.•51 views

CVE-2025-31171

File read permission bypass vulnerability in the kernel file system moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.8CVSS6.5AI score0.00009EPSS

CVE•added 2024/12/12 12:15 p.m.•49 views

CVE-2024-54107

Read/Write vulnerability in the image decoding moduleImpact: Successful exploitation of this vulnerability will affect availability.

7.5CVSS7.1AI score0.0007EPSS

CVE•added 2025/04/07 4:15 a.m.•49 views

CVE-2024-58107

Buffer overflow vulnerability in the codec moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS7.4AI score0.00024EPSS

CVE•added 2025/04/07 4:15 a.m.•49 views

CVE-2025-31172

Memory write permission bypass vulnerability in the kernel futex moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.8CVSS7.6AI score0.00008EPSS

CVE•added 2024/12/12 12:15 p.m.•48 views

CVE-2024-54102

Race condition vulnerability in the DDR moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.1CVSS6.9AI score0.0002EPSS

CVE•added 2025/05/06 8:15 a.m.•46 views

CVE-2025-46590

Bypass vulnerability in the network search instruction authentication moduleImpact: Successful exploitation of this vulnerability can bypass authentication and enable access to some network search functions.

6.5CVSS7.2AI score0.0004EPSS

CVE•added 2025/05/06 8:15 a.m.•46 views

CVE-2025-46592

Null pointer dereference vulnerability in the USB HDI driver moduleImpact: Successful exploitation of this vulnerability may affect availability.

5.5CVSS6.9AI score0.00009EPSS

CVE•added 2025/02/06 1:15 p.m.•45 views

CVE-2024-57958

Out-of-bounds array read vulnerability in the FFRT moduleImpact: Successful exploitation of this vulnerability may cause features to perform abnormally.

9.1CVSS6.8AI score0.00032EPSS

CVE•added 2025/02/06 1:15 p.m.•45 views

CVE-2024-57959

Use-After-Free (UAF) vulnerability in the display moduleImpact: Successful exploitation of this vulnerability may cause features to perform abnormally.

9.8CVSS6.9AI score0.00031EPSS

CVE•added 2025/05/06 7:15 a.m.•45 views

CVE-2025-46584

Vulnerability of improper authentication logic implementation in the file system moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.8CVSS7.7AI score0.0001EPSS

CVE•added 2025/05/06 7:15 a.m.•45 views

CVE-2025-46585

Out-of-bounds array read/write vulnerability in the kernel moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS7.4AI score0.00008EPSS

CVE•added 2025/02/06 1:15 p.m.•44 views

CVE-2024-12602

Identity verification vulnerability in the ParamWatcher moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS6.9AI score0.00027EPSS

CVE•added 2024/12/12 12:15 p.m.•44 views

CVE-2024-54106

Null pointer dereference vulnerability in the image decoding moduleImpact: Successful exploitation of this vulnerability will affect availability.

7.5CVSS7.1AI score0.00043EPSS

CVE•added 2024/12/12 12:15 p.m.•44 views

CVE-2024-54111

Read/Write vulnerability in the image decoding moduleImpact: Successful exploitation of this vulnerability will affect availability.

7.5CVSS5.6AI score0.00019EPSS

CVE•added 2024/12/12 12:15 p.m.•44 views

CVE-2024-54112

Cross-process screen stack vulnerability in the UIExtension moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS5.5AI score0.00026EPSS

CVE•added 2025/05/06 8:15 a.m.•44 views

CVE-2025-46588

Vulnerability of unauthorized access in the app lock moduleImpact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

7.7CVSS4.8AI score0.00009EPSS

CVE•added 2025/05/06 8:15 a.m.•44 views

CVE-2025-46589

Vulnerability of unauthorized access in the app lock moduleImpact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

7.1CVSS6.9AI score0.00009EPSS

CVE•added 2025/05/06 8:15 a.m.•44 views

CVE-2025-46591

Out-of-bounds data read vulnerability in the authorization moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.2CVSS6.9AI score0.00009EPSS

CVE•added 2024/11/05 10:21 a.m.•43 views

CVE-2024-51525

Permission control vulnerability in the clipboard moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.2CVSS6.5AI score0.0002EPSS

CVE•added 2024/12/12 12:15 p.m.•43 views

CVE-2024-54114

Out-of-bounds access vulnerability in playback in the DASH moduleImpact: Successful exploitation of this vulnerability will affect availability.

7.5CVSS4.8AI score0.00024EPSS

CVE•added 2025/02/06 1:15 p.m.•43 views

CVE-2024-57955

Arbitrary write vulnerability in the Gallery moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7AI score0.0002EPSS

CVE•added 2025/02/06 1:15 p.m.•43 views

CVE-2024-57957

Vulnerability of improper log information control in the UI framework moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS6.7AI score0.00026EPSS

CVE•added 2025/03/04 8:15 a.m.•43 views

CVE-2025-27521

Vulnerability of improper access permission in the process management moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.8CVSS6.6AI score0.00011EPSS

CVE•added 2024/11/05 9:15 a.m.•42 views

CVE-2024-51513

Vulnerability of processes not being fully terminated in the VPN moduleImpact: Successful exploitation of this vulnerability will affect power consumption.

5.5CVSS6.9AI score0.00014EPSS

CVE•added 2024/12/12 12:15 p.m.•42 views

CVE-2024-54103

Vulnerability of improper access control in the album moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7.1AI score0.00026EPSS

CVE•added 2024/12/12 12:15 p.m.•42 views

CVE-2024-54108

Read/Write vulnerability in the image decoding moduleImpact: Successful exploitation of this vulnerability will affect availability.

7.5CVSS6.5AI score0.00124EPSS

CVE•added 2024/12/12 12:15 p.m.•42 views

CVE-2024-54115

Out-of-bounds read vulnerability in the DASH moduleImpact: Successful exploitation of this vulnerability will affect availability.

7.5CVSS4.6AI score0.00046EPSS

CVE•added 2024/12/12 12:15 p.m.•42 views

CVE-2024-54117

Cross-process screen stack vulnerability in the UIExtension moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS6.4AI score0.00035EPSS

CVE•added 2025/02/06 1:15 p.m.•42 views

CVE-2024-57956

Out-of-bounds read vulnerability in the interpreter string moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS6.9AI score0.00019EPSS

CVE•added 2025/02/06 1:15 p.m.•42 views

CVE-2024-57962

Vulnerability of incomplete verification information in the VPN service moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS6.7AI score0.00022EPSS

CVE•added 2025/05/06 8:15 a.m.•42 views

CVE-2025-46593

Process residence vulnerability in abnormal scenarios in the print moduleImpact: Successful exploitation of this vulnerability may affect availability.

5.5CVSS6.9AI score0.00009EPSS

CVE•added 2024/12/12 12:15 p.m.•41 views

CVE-2024-54105

Read/Write vulnerability in the image decoding moduleImpact: Successful exploitation of this vulnerability will affect availability.

7.5CVSS7.1AI score0.00037EPSS

CVE•added 2024/12/12 12:15 p.m.•41 views

CVE-2024-54113

Process residence vulnerability in abnormal scenarios in the print moduleImpact: Successful exploitation of this vulnerability may affect power consumption.

7.5CVSS6.5AI score0.00033EPSS

CVE•added 2024/12/12 12:15 p.m.•41 views

CVE-2024-54116

Out-of-bounds read vulnerability in the M3U8 moduleImpact: Successful exploitation of this vulnerability may cause features to perform abnormally.

7.5CVSS4.6AI score0.00046EPSS

CVE•added 2025/05/06 7:15 a.m.•41 views

CVE-2025-46586

Permission control vulnerability in the contacts moduleImpact: Successful exploitation of this vulnerability may affect availability.

5.5CVSS7AI score0.00009EPSS

CVE•added 2025/05/06 8:15 a.m.•41 views

CVE-2025-46587

Permission control vulnerability in the media library moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.2CVSS6.3AI score0.00009EPSS

CVE•added 2024/12/12 12:15 p.m.•40 views

CVE-2024-54110

Cross-process screen stack vulnerability in the UIExtension moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS6.4AI score0.00036EPSS

CVE•added 2025/01/08 4:15 a.m.•40 views

CVE-2024-56451

Integer overflow vulnerability during glTF model loading in the 3D engine moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.3CVSS7.2AI score0.00015EPSS

CVE•added 2025/06/06 7:15 a.m.•40 views

CVE-2025-48903

Permission bypass vulnerability in the media library moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.8CVSS7AI score0.00007EPSS

CVE•added 2024/11/05 10:21 a.m.•39 views

CVE-2024-51517

Vulnerability of improper memory access in the phone service moduleImpact: Successful exploitation of this vulnerability may affect availability.

5.5CVSS7.1AI score0.00009EPSS

CVE•added 2024/11/05 10:21 a.m.•39 views

CVE-2024-51519

Vulnerability of input parameters not being verified in the HDC moduleImpact: Successful exploitation of this vulnerability may affect availability.

5.5CVSS7.1AI score0.00017EPSS

CVE•added 2024/12/12 1:15 p.m.•39 views

CVE-2024-54122

Concurrent variable access vulnerability in the ability moduleImpact: Successful exploitation of this vulnerability may affect availability.

6.2CVSS6.3AI score0.00009EPSS

CVE•added 2025/01/08 2:15 a.m.•39 views

CVE-2024-56435

Cross-process screen stack vulnerability in the UIExtension moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7AI score0.00027EPSS

CVE•added 2025/01/08 4:15 a.m.•39 views

CVE-2024-56456

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine moduleImpact: Successful exploitation of this vulnerability may affect availability.

6.8CVSS6.9AI score0.00012EPSS

CVE•added 2025/02/06 1:15 p.m.•39 views

CVE-2024-57954

Permission verification vulnerability in the media library moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS6.9AI score0.00027EPSS

CVE•added 2025/04/07 4:15 a.m.•39 views

CVE-2024-58112

Exception capture failure vulnerability in the SVG parsing module of the ArkUI frameworkImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS7.1AI score0.00038EPSS

CVE•added 2025/04/07 4:15 a.m.•39 views

CVE-2024-58116

Buffer overflow vulnerability in the SVG parsing module of the ArkUI frameworkImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS7.4AI score0.00022EPSS

Total number of security vulnerabilities102