Total
139 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-47402 | 1 Openatom | 1 Openharmony | 2024-11-06 | N/A | 5.5 MEDIUM |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through out-of-bounds read. | |||||
| CVE-2024-47137 | 1 Openatom | 1 Openharmony | 2024-11-06 | N/A | 7.8 HIGH |
| in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write. | |||||
| CVE-2024-47404 | 1 Openatom | 1 Openharmony | 2024-11-06 | N/A | 7.8 HIGH |
| in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through double free. | |||||
| CVE-2024-47797 | 1 Openatom | 1 Openharmony | 2024-11-06 | N/A | 7.8 HIGH |
| in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write. | |||||
| CVE-2024-45382 | 1 Openatom | 1 Openharmony | 2024-10-16 | N/A | 5.5 MEDIUM |
| in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds write. | |||||
| CVE-2024-43697 | 1 Openatom | 1 Openharmony | 2024-10-16 | N/A | 5.5 MEDIUM |
| in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through improper input. | |||||
| CVE-2024-43696 | 1 Openatom | 1 Openharmony | 2024-10-16 | N/A | 5.5 MEDIUM |
| in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS by memory leak. | |||||
| CVE-2024-39831 | 1 Openatom | 1 Openharmony | 2024-10-16 | N/A | 6.7 MEDIUM |
| in OpenHarmony v4.1.0 allow a local attacker with high privileges arbitrary code execution in pre-installed apps through use after free. | |||||
| CVE-2024-39806 | 1 Openatom | 1 Openharmony | 2024-10-16 | N/A | 5.5 MEDIUM |
| in OpenHarmony v4.1.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. | |||||
| CVE-2022-36423 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-09-09 | N/A | 7.4 HIGH |
| OpenHarmony-v3.1.2 and prior versions have an incorrect configuration of the cJSON library, which leads a Stack overflow vulnerability during recursive parsing. LAN attackers can lead a DoS attack to all network devices. | |||||
| CVE-2023-4753 | 1 Openatom | 1 Openharmony | 2024-09-09 | N/A | 5.5 MEDIUM |
| OpenHarmony v3.2.1 and prior version has a system call function usage error. Local attackers can crash kernel by the error input. | |||||
| CVE-2024-37030 | 1 Openatom | 1 Openharmony | 2024-09-09 | N/A | 9.8 CRITICAL |
| in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through use after free. | |||||
| CVE-2024-37077 | 1 Openatom | 1 Openharmony | 2024-09-09 | N/A | 9.8 CRITICAL |
| in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write. | |||||
| CVE-2024-36278 | 1 Openatom | 1 Openharmony | 2024-09-09 | N/A | 3.3 LOW |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion. | |||||
| CVE-2023-47216 | 1 Openatom | 1 Openharmony | 2024-09-09 | N/A | 5.5 MEDIUM |
| in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through occupy all resources | |||||
| CVE-2022-38701 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-09-09 | N/A | 3.3 LOW |
| OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information. | |||||
| CVE-2022-43662 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-09-09 | N/A | 7.8 HIGH |
| Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysTimerGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked. | |||||
| CVE-2024-36243 | 1 Openatom | 1 Openharmony | 2024-09-09 | N/A | 9.8 CRITICAL |
| in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds read and write. | |||||
| CVE-2024-21845 | 1 Openatom | 1 Openharmony | 2024-09-09 | N/A | 7.8 HIGH |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through integer overflow. | |||||
| CVE-2023-22301 | 1 Openatom | 1 Openharmony | 2024-09-09 | N/A | 7.5 HIGH |
| The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior versions has an arbitrary memory accessing vulnerability which network attackers can launch a remote attack to obtain kernel memory data of the target system. | |||||