Harmonyos Security Vulnerabilities and Issues — Harmonyos CVE List

Lucene search

HuaweiHarmonyos

28 matches found

CVE•added 2025/01/08 3:15 a.m.•61 views

CVE-2024-56442

Vulnerability of native APIs not being implemented in the NFC service moduleImpact: Successful exploitation of this vulnerability may cause features to perform abnormally.

7.5CVSS6.8AI score0.0003EPSS

CVE•added 2025/01/08 4:15 a.m.•40 views

CVE-2024-56448

Vulnerability of improper access control in the home screen widget moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS6.9AI score0.00028EPSS

CVE•added 2025/01/08 4:15 a.m.•40 views

CVE-2024-56451

Integer overflow vulnerability during glTF model loading in the 3D engine moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.3CVSS7.2AI score0.00015EPSS

CVE•added 2025/01/08 2:15 a.m.•39 views

CVE-2024-56435

Cross-process screen stack vulnerability in the UIExtension moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7AI score0.00027EPSS

CVE•added 2025/01/08 4:15 a.m.•39 views

CVE-2024-56456

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine moduleImpact: Successful exploitation of this vulnerability may affect availability.

6.8CVSS6.9AI score0.00012EPSS

CVE•added 2025/01/08 3:15 a.m.•38 views

CVE-2023-52954

Vulnerability of improper permission control in the Gallery moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS4.8AI score0.00021EPSS

CVE•added 2025/01/08 4:15 a.m.•38 views

CVE-2024-54121

Startup control vulnerability in the ability moduleImpact: Successful exploitation of this vulnerability may cause features to perform abnormally.

7.5CVSS6.9AI score0.00051EPSS

CVE•added 2025/01/08 3:15 a.m.•38 views

CVE-2024-56444

Cross-process screen stack vulnerability in the UIExtension moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7AI score0.00039EPSS

CVE•added 2025/01/08 4:15 a.m.•38 views

CVE-2024-56452

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine moduleImpact: Successful exploitation of this vulnerability may affect availability.

5.5CVSS6.9AI score0.00013EPSS

CVE•added 2025/01/08 3:15 a.m.•37 views

CVE-2024-56439

Access control vulnerability in the identity authentication moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7.7AI score0.00029EPSS

CVE•added 2025/01/08 4:15 a.m.•37 views

CVE-2024-56454

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine moduleImpact: Successful exploitation of this vulnerability may affect availability.

5.5CVSS6.9AI score0.00013EPSS

CVE•added 2025/01/08 3:15 a.m.•35 views

CVE-2023-52953

Path traversal vulnerability in the Medialibrary moduleImpact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

9.1CVSS6.4AI score0.0004EPSS

CVE•added 2025/01/08 3:15 a.m.•35 views

CVE-2024-54120

Race condition vulnerability in the distributed notification moduleImpact: Successful exploitation of this vulnerability may cause features to perform abnormally.

5.9CVSS6.9AI score0.00018EPSS

CVE•added 2025/01/08 3:15 a.m.•35 views

CVE-2024-56437

Vulnerability of input parameters not being verified in the widget framework moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS5.6AI score0.00042EPSS

CVE•added 2025/01/08 4:15 a.m.•35 views

CVE-2024-56449

Privilege escalation vulnerability in the Account moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7.2AI score0.00024EPSS

CVE•added 2025/01/08 2:15 a.m.•34 views

CVE-2024-56434

UAF vulnerability in the device node access moduleImpact: Successful exploitation of this vulnerability may cause service exceptions of the device.

7.5CVSS7AI score0.00037EPSS

CVE•added 2025/01/08 2:15 a.m.•34 views

CVE-2024-56436

Cross-process screen stack vulnerability in the UIExtension moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7AI score0.0002EPSS

CVE•added 2025/01/08 3:15 a.m.•34 views

CVE-2024-56438

Vulnerability of improper memory address protection in the HUKS moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS6AI score0.00031EPSS

CVE•added 2025/01/08 3:15 a.m.•34 views

CVE-2024-56440

Permission control vulnerability in the Connectivity moduleImpact: Successful exploitation of this vulnerability may cause features to perform abnormally.

7.5CVSS6.3AI score0.00035EPSS

CVE•added 2025/01/08 3:15 a.m.•34 views

CVE-2024-56443

Cross-process screen stack vulnerability in the UIExtension moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7AI score0.00027EPSS

CVE•added 2025/01/08 4:15 a.m.•34 views

CVE-2024-56450

Buffer overflow vulnerability in the component driver moduleImpact: Successful exploitation of this vulnerability may affect availability.

6.3CVSS7.2AI score0.00011EPSS

CVE•added 2025/01/08 4:15 a.m.•34 views

CVE-2024-56453

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine moduleImpact: Successful exploitation of this vulnerability may affect availability.

6.8CVSS6.9AI score0.00012EPSS

CVE•added 2025/01/08 3:15 a.m.•33 views

CVE-2023-52955

Vulnerability of improper authentication in the ANS system service moduleImpact: Successful exploitation of this vulnerability may cause features to perform abnormally.

7.5CVSS6.6AI score0.00046EPSS

CVE•added 2025/01/08 3:15 a.m.•33 views

CVE-2024-56441

Race condition vulnerability in the Bastet moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

5.9CVSS4.6AI score0.00014EPSS

CVE•added 2025/01/08 4:15 a.m.•33 views

CVE-2024-56455

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine moduleImpact: Successful exploitation of this vulnerability may affect availability.

5.5CVSS6.9AI score0.00013EPSS

CVE•added 2025/01/08 3:15 a.m.•32 views

CVE-2024-56445

Instruction authentication bypass vulnerability in the Findnetwork moduleImpact: Successful exploitation of this vulnerability may cause features to perform abnormally.

5.3CVSS4.8AI score0.00077EPSS

CVE•added 2025/01/08 3:15 a.m.•32 views

CVE-2024-56447

Vulnerability of improper permission control in the window management moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.8CVSS7.6AI score0.00027EPSS

CVE•added 2025/01/08 3:15 a.m.•31 views

CVE-2024-56446

Vulnerability of variables not being initialized in the notification moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS4.3AI score0.00034EPSS