10 matches found
CVE-2024-24581
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution through out-of-bounds write.
CVE-2024-21834
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through type confusion.
CVE-2024-22098
in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free.
CVE-2024-29086
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause DOS through stack overflow.
CVE-2024-22092
in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification to install apps, although these require user action.
CVE-2024-22177
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through get permission.
CVE-2024-28951
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free.
CVE-2024-29074
in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through improper input.
CVE-2024-28226
in OpenHarmony v4.0.0 and prior versions allow a remote attacker cause DOS through improper input.
CVE-2024-22180
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through use after free.