Openharmony Security Vulnerabilities and Issues — Openharmony CVE List

Lucene search

OpenatomOpenharmony

61 matches found

CVE•added 2024/04/02 7:15 a.m.•59 views

CVE-2024-24581

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution through out-of-bounds write.

7.8CVSS6.8AI score0.00073EPSS

CVE•added 2024/05/07 7:15 a.m.•59 views

CVE-2024-31078

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL pointer dereference.

5.5CVSS6.6AI score0.00079EPSS

CVE•added 2024/04/02 7:15 a.m.•58 views

CVE-2024-21834

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through type confusion.

5.5CVSS3.9AI score0.00079EPSS

CVE•added 2024/03/04 7:15 a.m.•56 views

CVE-2023-49602

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through type confusion.

5.5CVSS4.1AI score0.0007EPSS

CVE•added 2024/05/07 7:15 a.m.•54 views

CVE-2024-27217

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free.

7.8CVSS7.5AI score0.00078EPSS

CVE•added 2024/05/07 7:15 a.m.•53 views

CVE-2024-23808

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free or cause DOS through NULL pointer dereference.

7.8CVSS7.6AI score0.00068EPSS

CVE•added 2024/05/07 7:15 a.m.•53 views

CVE-2024-3759

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through use after free.

7.8CVSS7.5AI score0.00097EPSS

CVE•added 2024/03/04 7:15 a.m.•51 views

CVE-2023-46708

in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free.

7.8CVSS5.2AI score0.00066EPSS

CVE•added 2024/12/03 1:15 p.m.•51 views

CVE-2024-10074

in OpenHarmony v4.1.1 and prior versions allow a local attacker cause the common permission is upgraded to root through use after free.

8.8CVSS8.4AI score0.00031EPSS

CVE•added 2024/04/02 7:15 a.m.•51 views

CVE-2024-22098

in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free.

8.8CVSS6.8AI score0.00097EPSS

CVE•added 2024/03/04 7:15 a.m.•50 views

CVE-2024-21826

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak through insecure storage.

5.5CVSS4.4AI score0.00062EPSS

CVE•added 2024/03/04 7:15 a.m.•48 views

CVE-2024-21816

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through improper preservation of permissions.

5.5CVSS4.2AI score0.00047EPSS

CVE•added 2024/04/02 7:15 a.m.•48 views

CVE-2024-29086

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause DOS through stack overflow.

5.5CVSS3.9AI score0.00094EPSS

CVE•added 2024/10/08 4:15 a.m.•48 views

CVE-2024-43697

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through improper input.

5.5CVSS4.1AI score0.00036EPSS

CVE•added 2024/04/02 7:15 a.m.•47 views

CVE-2024-22092

in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification to install apps, although these require user action.

7.7CVSS7.5AI score0.00169EPSS

CVE•added 2024/05/07 7:15 a.m.•47 views

CVE-2024-3758

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer overflow.

7.8CVSS7.6AI score0.00087EPSS

CVE•added 2024/03/04 7:15 a.m.•46 views

CVE-2023-25176

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause information leak through out-of-bounds Read.

5.5CVSS3.9AI score0.001EPSS

CVE•added 2024/04/02 7:15 a.m.•46 views

CVE-2024-22177

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through get permission.

5.5CVSS3.9AI score0.00064EPSS

CVE•added 2024/04/02 7:15 a.m.•46 views

CVE-2024-28951

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free.

7.8CVSS5.9AI score0.0007EPSS

CVE•added 2024/10/08 4:15 a.m.•45 views

CVE-2024-39831

in OpenHarmony v4.1.0 allow a local attacker with high privileges arbitrary code execution in pre-installed apps through use after free.

6.7CVSS5.5AI score0.00038EPSS

CVE•added 2024/11/05 8:15 a.m.•45 views

CVE-2024-47797

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write.

8.4CVSS7.7AI score0.0003EPSS

CVE•added 2024/04/02 7:15 a.m.•44 views

CVE-2024-29074

in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through improper input.

8.8CVSS6.8AI score0.00073EPSS

CVE•added 2024/04/02 7:15 a.m.•43 views

CVE-2024-28226

in OpenHarmony v4.0.0 and prior versions allow a remote attacker cause DOS through improper input.

8.1CVSS8.1AI score0.01729EPSS

CVE•added 2024/09/02 5:15 a.m.•43 views

CVE-2024-41157

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free.

8.8CVSS7.9AI score0.00039EPSS

CVE•added 2024/12/03 1:15 p.m.•43 views

CVE-2024-9978

in OpenHarmony v4.1.1 and prior versions allow a local attacker cause information leak through out-of-bounds Read.

5.5CVSS5.3AI score0.00026EPSS

CVE•added 2024/04/02 7:15 a.m.•42 views

CVE-2024-22180

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through use after free.

5.5CVSS3.9AI score0.00075EPSS

CVE•added 2024/05/07 7:15 a.m.•42 views

CVE-2024-3757

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through integer overflow.

5.5CVSS6.7AI score0.00079EPSS

CVE•added 2024/10/08 4:15 a.m.•42 views

CVE-2024-39806

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.

5.5CVSS5.3AI score0.00033EPSS

CVE•added 2024/09/02 5:15 a.m.•42 views

CVE-2024-39816

in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write.

8.4CVSS8.2AI score0.00037EPSS

CVE•added 2024/11/05 8:15 a.m.•42 views

CVE-2024-47404

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through double free.

8.4CVSS7.7AI score0.0003EPSS

CVE•added 2024/02/02 7:15 a.m.•41 views

CVE-2024-21845

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through integer overflow.

7.8CVSS7.7AI score0.00032EPSS

CVE•added 2024/07/02 9:15 a.m.•41 views

CVE-2024-36278

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion.

3.3CVSS3.9AI score0.00036EPSS

CVE•added 2024/09/02 5:15 a.m.•41 views

CVE-2024-41160

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free.

8.8CVSS7.9AI score0.00041EPSS

CVE•added 2024/07/02 9:15 a.m.•40 views

CVE-2024-36243

in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds read and write.

9.8CVSS8.4AI score0.01133EPSS

CVE•added 2024/11/05 8:15 a.m.•40 views

CVE-2024-47137

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write.

8.4CVSS7.7AI score0.0003EPSS

CVE•added 2024/12/03 1:15 p.m.•39 views

CVE-2024-12082

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.

5.5CVSS5.3AI score0.00026EPSS

CVE•added 2024/09/02 5:15 a.m.•39 views

CVE-2024-38386

in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write.

8.4CVSS8.2AI score0.00037EPSS

CVE•added 2024/09/02 5:15 a.m.•39 views

CVE-2024-39775

in OpenHarmony v4.1.0 and prior versions allow a remote attacker cause information leak through out-of-bounds Read.

7.5CVSS6.5AI score0.00145EPSS

CVE•added 2024/10/08 4:15 a.m.•39 views

CVE-2024-43696

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS by memory leak.

5.5CVSS4.1AI score0.00032EPSS

CVE•added 2024/10/08 4:15 a.m.•39 views

CVE-2024-45382

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds write.

5.5CVSS4.1AI score0.00032EPSS

CVE•added 2024/07/02 9:15 a.m.•38 views

CVE-2024-31071

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion.

3.3CVSS3.9AI score0.00036EPSS

CVE•added 2024/07/02 9:15 a.m.•38 views

CVE-2024-36260

in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write.

9.8CVSS8.5AI score0.01133EPSS

CVE•added 2024/07/02 9:15 a.m.•38 views

CVE-2024-37185

in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write.

9.8CVSS8.5AI score0.01133EPSS

CVE•added 2024/09/02 5:15 a.m.•38 views

CVE-2024-38382

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.

5.5CVSS5.3AI score0.00038EPSS

CVE•added 2024/09/02 5:15 a.m.•37 views

CVE-2024-28044

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause crash through integer overflow.

5.5CVSS4.1AI score0.00033EPSS

CVE•added 2024/11/05 8:15 a.m.•37 views

CVE-2024-47402

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through out-of-bounds read.

5.5CVSS4.1AI score0.00028EPSS

CVE•added 2024/02/02 7:15 a.m.•36 views

CVE-2024-0285

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through improper input.

5.5CVSS5.5AI score0.00025EPSS

CVE•added 2024/02/02 7:15 a.m.•36 views

CVE-2024-21851

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through integer overflow.

7.8CVSS7.7AI score0.00032EPSS

CVE•added 2024/07/02 9:15 a.m.•36 views

CVE-2024-37030

in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through use after free.

9.8CVSS8.5AI score0.01327EPSS

CVE•added 2024/07/02 9:15 a.m.•36 views

CVE-2024-37077

in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write.

9.8CVSS8.5AI score0.01133EPSS

Total number of security vulnerabilities61