46 matches found
CVE-2025-0304
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free.
CVE-2025-26693
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVE-2025-21089
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2025-22841
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2025-24309
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-25052
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through buffer overflow.
CVE-2025-21097
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer dereference.
CVE-2025-22897
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow.
CVE-2025-23409
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-20091
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-20626
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-22443
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2025-22847
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2025-23414
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-24301
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-0587
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-20042
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through out-of-bounds read.
CVE-2025-21084
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through through NULL pointer dereference.. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-23234
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow.
CVE-2025-23240
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-23418
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2025-26691
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVE-2025-27132
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-20021
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2025-20024
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-22835
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-22837
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer dereference.
CVE-2025-27241
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
CVE-2025-27248
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
CVE-2025-21098
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through out-of-bounds read bypass permission check.
CVE-2025-22886
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.
CVE-2025-25218
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
CVE-2025-20011
in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory.
CVE-2025-21082
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.
CVE-2025-23420
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-0303
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through buffer overflow.
CVE-2025-23235
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2025-0302
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through integer overflow.
CVE-2025-20063
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.
CVE-2025-27242
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.
CVE-2025-20081
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-25217
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
CVE-2025-24493
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through race condition.
CVE-2025-27563
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVE-2025-27247
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVE-2025-27131
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.