Openharmony Security Vulnerabilities and Issues — Openharmony CVE List

Lucene search

OpenatomOpenharmony

8 matches found

CVE•added 2023/11/20 12:15 p.m.•47 views

CVE-2023-46705

in OpenHarmony v3.2.2 and prior versions allow a local attacker causes system information leak through type confusion.

6.2CVSS5.5AI score0.0004EPSS

CVE•added 2024/10/08 4:15 a.m.•45 views

CVE-2024-39831

in OpenHarmony v4.1.0 allow a local attacker with high privileges arbitrary code execution in pre-installed apps through use after free.

6.7CVSS5.5AI score0.00038EPSS

CVE•added 2023/03/10 11:15 a.m.•39 views

CVE-2023-25947

The bundle management subsystem within OpenHarmony-v3.1.4 and prior versions has a null pointer reference vulnerability which local attackers can exploit this vulnerability to cause a DoS attack to the system when installing a malicious HAP package.

6.2CVSS5.5AI score0.00025EPSS

CVE•added 2023/11/20 12:15 p.m.•35 views

CVE-2023-46100

in OpenHarmony v3.2.2 and prior versions allow a local attacker get sensitive buffer information through use of uninitialized resource.

6.2CVSS5.6AI score0.00034EPSS

CVE•added 2022/09/09 3:15 p.m.•33 views

CVE-2022-38701

OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information.

6.2CVSS4.5AI score0.00065EPSS

CVE•added 2025/06/08 12:15 p.m.•33 views

CVE-2025-27131

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.

6.1CVSS6.2AI score0.00025EPSS

CVE•added 2023/11/20 12:15 p.m.•32 views

CVE-2023-42774

in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information through incorrect default permissions.

6.2CVSS5.5AI score0.00024EPSS

CVE•added 2024/02/02 7:15 a.m.•32 views

CVE-2024-21863

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through improper input.

6.2CVSS6.2AI score0.00024EPSS