Harmonyos@5.0.0 Security Vulnerabilities and Issues — Harmonyos@5.0.0 CVE List

Lucene search

HuaweiHarmonyos5.0.0

67 matches found

CVE•added 2025/04/07 4:15 a.m.•59 views

CVE-2025-31174

Path traversal vulnerability in the DFS moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7.1AI score0.00035EPSS

CVE•added 2025/04/07 4:15 a.m.•57 views

CVE-2025-31170

Access control vulnerability in the security verification moduleImpact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

9.1CVSS7.2AI score0.00018EPSS

CVE•added 2025/04/07 4:15 a.m.•56 views

CVE-2025-31173

Memory write permission bypass vulnerability in the kernel futex moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

8.8CVSS7.1AI score0.00008EPSS

CVE•added 2025/04/07 4:15 a.m.•51 views

CVE-2025-31171

File read permission bypass vulnerability in the kernel file system moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.8CVSS6.5AI score0.00009EPSS

CVE•added 2025/04/07 4:15 a.m.•49 views

CVE-2024-58107

Buffer overflow vulnerability in the codec moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS7.4AI score0.00024EPSS

CVE•added 2025/04/07 4:15 a.m.•49 views

CVE-2025-31172

Memory write permission bypass vulnerability in the kernel futex moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.8CVSS7.6AI score0.00008EPSS

CVE•added 2025/05/06 8:15 a.m.•46 views

CVE-2025-46590

Bypass vulnerability in the network search instruction authentication moduleImpact: Successful exploitation of this vulnerability can bypass authentication and enable access to some network search functions.

6.5CVSS7.2AI score0.0004EPSS

CVE•added 2025/05/06 8:15 a.m.•46 views

CVE-2025-46592

Null pointer dereference vulnerability in the USB HDI driver moduleImpact: Successful exploitation of this vulnerability may affect availability.

5.5CVSS6.9AI score0.00009EPSS

CVE•added 2025/02/06 1:15 p.m.•45 views

CVE-2024-57958

Out-of-bounds array read vulnerability in the FFRT moduleImpact: Successful exploitation of this vulnerability may cause features to perform abnormally.

9.1CVSS6.8AI score0.00032EPSS

CVE•added 2025/02/06 1:15 p.m.•45 views

CVE-2024-57959

Use-After-Free (UAF) vulnerability in the display moduleImpact: Successful exploitation of this vulnerability may cause features to perform abnormally.

9.8CVSS6.9AI score0.00031EPSS

CVE•added 2025/05/06 7:15 a.m.•45 views

CVE-2025-46584

Vulnerability of improper authentication logic implementation in the file system moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.8CVSS7.7AI score0.0001EPSS

CVE•added 2025/05/06 7:15 a.m.•45 views

CVE-2025-46585

Out-of-bounds array read/write vulnerability in the kernel moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS7.4AI score0.00008EPSS

CVE•added 2025/02/06 1:15 p.m.•44 views

CVE-2024-12602

Identity verification vulnerability in the ParamWatcher moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS6.9AI score0.00027EPSS

CVE•added 2025/05/06 8:15 a.m.•44 views

CVE-2025-46588

Vulnerability of unauthorized access in the app lock moduleImpact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

7.7CVSS4.8AI score0.00009EPSS

CVE•added 2025/05/06 8:15 a.m.•44 views

CVE-2025-46589

Vulnerability of unauthorized access in the app lock moduleImpact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

7.1CVSS6.9AI score0.00009EPSS

CVE•added 2025/05/06 8:15 a.m.•44 views

CVE-2025-46591

Out-of-bounds data read vulnerability in the authorization moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.2CVSS6.9AI score0.00009EPSS

CVE•added 2025/02/06 1:15 p.m.•43 views

CVE-2024-57955

Arbitrary write vulnerability in the Gallery moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7AI score0.0002EPSS

CVE•added 2025/02/06 1:15 p.m.•43 views

CVE-2024-57957

Vulnerability of improper log information control in the UI framework moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS6.7AI score0.00026EPSS

CVE•added 2025/03/04 8:15 a.m.•43 views

CVE-2025-27521

Vulnerability of improper access permission in the process management moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.8CVSS6.6AI score0.00011EPSS

CVE•added 2025/02/06 1:15 p.m.•42 views

CVE-2024-57956

Out-of-bounds read vulnerability in the interpreter string moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS6.9AI score0.00019EPSS

CVE•added 2025/02/06 1:15 p.m.•42 views

CVE-2024-57962

Vulnerability of incomplete verification information in the VPN service moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS6.7AI score0.00022EPSS

CVE•added 2025/05/06 8:15 a.m.•42 views

CVE-2025-46593

Process residence vulnerability in abnormal scenarios in the print moduleImpact: Successful exploitation of this vulnerability may affect availability.

5.5CVSS6.9AI score0.00009EPSS

CVE•added 2025/05/06 7:15 a.m.•41 views

CVE-2025-46586

Permission control vulnerability in the contacts moduleImpact: Successful exploitation of this vulnerability may affect availability.

5.5CVSS7AI score0.00009EPSS

CVE•added 2025/05/06 8:15 a.m.•41 views

CVE-2025-46587

Permission control vulnerability in the media library moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.2CVSS6.3AI score0.00009EPSS

CVE•added 2025/01/08 4:15 a.m.•40 views

CVE-2024-56451

Integer overflow vulnerability during glTF model loading in the 3D engine moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.3CVSS7.2AI score0.00015EPSS

CVE•added 2025/06/06 7:15 a.m.•40 views

CVE-2025-48903

Permission bypass vulnerability in the media library moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.8CVSS7AI score0.00007EPSS

CVE•added 2025/01/08 2:15 a.m.•39 views

CVE-2024-56435

Cross-process screen stack vulnerability in the UIExtension moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7AI score0.00027EPSS

CVE•added 2025/01/08 4:15 a.m.•39 views

CVE-2024-56456

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine moduleImpact: Successful exploitation of this vulnerability may affect availability.

6.8CVSS6.9AI score0.00012EPSS

CVE•added 2025/02/06 1:15 p.m.•39 views

CVE-2024-57954

Permission verification vulnerability in the media library moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS6.9AI score0.00027EPSS

CVE•added 2025/04/07 4:15 a.m.•39 views

CVE-2024-58112

Exception capture failure vulnerability in the SVG parsing module of the ArkUI frameworkImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS7.1AI score0.00038EPSS

CVE•added 2025/04/07 4:15 a.m.•39 views

CVE-2024-58116

Buffer overflow vulnerability in the SVG parsing module of the ArkUI frameworkImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS7.4AI score0.00022EPSS

CVE•added 2025/05/06 8:15 a.m.•39 views

CVE-2024-58252

Vulnerability of insufficient information protection in the media library moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.2CVSS6.2AI score0.00009EPSS

CVE•added 2025/06/06 7:15 a.m.•39 views

CVE-2025-48905

Wasm exception capture vulnerability in the arkweb v8 moduleImpact: Successful exploitation of this vulnerability may cause the failure to capture specific Wasm exception types.

8.1CVSS6.8AI score0.00032EPSS

CVE•added 2025/06/06 7:15 a.m.•39 views

CVE-2025-48911

Vulnerability of improper permission assignment in the note sharing moduleImpact: Successful exploitation of this vulnerability may affect availability.

8.2CVSS6.9AI score0.00008EPSS

CVE•added 2025/01/08 4:15 a.m.•38 views

CVE-2024-54121

Startup control vulnerability in the ability moduleImpact: Successful exploitation of this vulnerability may cause features to perform abnormally.

7.5CVSS6.9AI score0.00051EPSS

CVE•added 2025/01/08 3:15 a.m.•38 views

CVE-2024-56444

Cross-process screen stack vulnerability in the UIExtension moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7AI score0.00039EPSS

CVE•added 2025/01/08 4:15 a.m.•38 views

CVE-2024-56452

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine moduleImpact: Successful exploitation of this vulnerability may affect availability.

5.5CVSS6.9AI score0.00013EPSS

CVE•added 2025/04/07 4:15 a.m.•38 views

CVE-2024-58106

Buffer overflow vulnerability in the codec moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS7.4AI score0.0002EPSS

CVE•added 2025/04/07 4:15 a.m.•38 views

CVE-2024-58111

Exception capture failure vulnerability in the SVG parsing module of the ArkUI frameworkImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS7.1AI score0.00038EPSS

CVE•added 2025/06/06 7:15 a.m.•38 views

CVE-2024-58114

Resource allocation control failure vulnerability in the ArkUI frameworkImpact: Successful exploitation of this vulnerability may affect availability.

4CVSS7AI score0.00009EPSS

CVE•added 2025/01/08 3:15 a.m.•37 views

CVE-2024-56439

Access control vulnerability in the identity authentication moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7.7AI score0.00029EPSS

CVE•added 2025/01/08 4:15 a.m.•37 views

CVE-2024-56454

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine moduleImpact: Successful exploitation of this vulnerability may affect availability.

5.5CVSS6.9AI score0.00013EPSS

CVE•added 2025/04/07 4:15 a.m.•37 views

CVE-2024-58108

Buffer overflow vulnerability in the codec moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS7.4AI score0.0002EPSS

CVE•added 2025/04/07 4:15 a.m.•37 views

CVE-2024-58113

Vulnerability of improper resource management in the memory management moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS7.1AI score0.0003EPSS

CVE•added 2025/06/06 7:15 a.m.•37 views

CVE-2025-48908

Ability Auto Startup service vulnerability in the foundation processImpact: Successful exploitation of this vulnerability may affect availability.

6.7CVSS6.9AI score0.00007EPSS

CVE•added 2025/06/06 7:15 a.m.•37 views

CVE-2025-48910

Buffer overflow vulnerability in the DFile moduleImpact: Successful exploitation of this vulnerability may affect availability.

5.5CVSS7.2AI score0.00012EPSS

CVE•added 2025/06/06 7:15 a.m.•36 views

CVE-2025-48907

Deserialization vulnerability in the IPC moduleImpact: Successful exploitation of this vulnerability may affect availability.

6.2CVSS7.1AI score0.00009EPSS

CVE•added 2025/01/08 3:15 a.m.•35 views

CVE-2024-54120

Race condition vulnerability in the distributed notification moduleImpact: Successful exploitation of this vulnerability may cause features to perform abnormally.

5.9CVSS6.9AI score0.00018EPSS

CVE•added 2025/01/08 3:15 a.m.•35 views

CVE-2024-56437

Vulnerability of input parameters not being verified in the widget framework moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS5.6AI score0.00042EPSS

CVE•added 2025/03/04 8:15 a.m.•35 views

CVE-2024-58049

Permission verification vulnerability in the media library moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

5.5CVSS5.2AI score0.0001EPSS

Total number of security vulnerabilities67