63 matches found
CVE-2024-31078
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL pointer dereference.
CVE-2024-21834
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through type confusion.
CVE-2025-26693
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVE-2023-49602
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through type confusion.
CVE-2025-21089
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2025-22841
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2025-25052
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through buffer overflow.
CVE-2024-21826
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak through insecure storage.
CVE-2025-21097
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer dereference.
CVE-2025-22897
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow.
CVE-2025-22443
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2025-22847
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2024-21816
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through improper preservation of permissions.
CVE-2024-29086
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause DOS through stack overflow.
CVE-2024-43697
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through improper input.
CVE-2025-20042
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through out-of-bounds read.
CVE-2025-23234
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow.
CVE-2025-23418
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2025-26691
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVE-2025-20021
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2025-20024
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-22837
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer dereference.
CVE-2025-27241
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
CVE-2023-25176
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
CVE-2024-22177
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through get permission.
CVE-2025-27248
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
CVE-2025-21098
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through out-of-bounds read bypass permission check.
CVE-2025-22886
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.
CVE-2025-25218
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
CVE-2023-47217
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through buffer overflow.
CVE-2025-20011
in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory.
CVE-2025-21082
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.
CVE-2024-9978
in OpenHarmony v4.1.1 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
CVE-2024-22180
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through use after free.
CVE-2024-3757
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through integer overflow.
CVE-2024-39806
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
CVE-2025-23235
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2024-12082
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
CVE-2024-43696
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS by memory leak.
CVE-2024-45382
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds write.
CVE-2025-0302
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through integer overflow.
CVE-2025-20063
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.
CVE-2023-24465
Communication Wi-Fi subsystem within OpenHarmony-v3.1.4 and prior versions, OpenHarmony-v3.0.7 and prior versions has a null pointer reference vulnerability which local attackers can exploit this vulnerability to cause the current application to crash.
CVE-2024-38382
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
CVE-2025-27242
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.
CVE-2024-28044
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause crash through integer overflow.
CVE-2024-47402
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2025-20081
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-25217
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
CVE-2023-0083
The ArKUI framework subsystem within OpenHarmony-v3.1.5 and prior versions, OpenHarmony-v3.0.7 and prior versions has an Improper Input Validation vulnerability which local attackers can exploit this vulnerability to send malicious data, causing the current application to crash.