Vulnerabilities
CVE-2024-54030
MEDIUMin OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through use after free.
CVE-2024-47398
HIGHin OpenHarmony v4.1.2 and prior versions allow a local attacker cause the device is unable to boot up through out-of-bounds write.
CVE-2024-45070
MEDIUMin OpenHarmony v4.1.2 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
CVE-2024-9978
MEDIUMin OpenHarmony v4.1.1 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
CVE-2024-12082
MEDIUMin OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
CVE-2024-10074
HIGHin OpenHarmony v4.1.1 and prior versions allow a local attacker cause the common permission is upgraded to root through use after free.
CVE-2024-47402
LOWin OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2024-47137
HIGHin OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write.
CVE-2024-47404
HIGHin OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through double free.
CVE-2024-47797
HIGHin OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write.
CVE-2024-45382
LOWin OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds write.
CVE-2024-43697
LOWin OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through improper input.
CVE-2024-43696
LOWin OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS by memory leak.
CVE-2024-39831
MEDIUMin OpenHarmony v4.1.0 allow a local attacker with high privileges arbitrary code execution in pre-installed apps through use after free.
CVE-2024-39806
MEDIUMin OpenHarmony v4.1.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
CVE-2024-41160
HIGHin OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free.
CVE-2024-41157
HIGHin OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free.
CVE-2024-39816
HIGHin OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write.
CVE-2024-39775
MEDIUMin OpenHarmony v4.1.0 and prior versions allow a remote attacker cause information leak through out-of-bounds Read.
CVE-2024-39612
MEDIUMin OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
CVE-2024-38386
HIGHin OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write.
CVE-2024-38382
MEDIUMin OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
CVE-2024-28044
LOWin OpenHarmony v4.1.0 and prior versions allow a local attacker cause crash through integer overflow.
CVE-2024-37077
HIGHin OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write.
CVE-2024-37185
HIGHin OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write.
CVE-2024-36260
HIGHin OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write.
CVE-2024-36278
LOWin OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion.
CVE-2024-36243
HIGHin OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds read and write.
CVE-2024-37030
HIGHin OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through use after free.
CVE-2024-31071
LOWin OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion.
CVE-2024-3759
MEDIUMin OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through use after free.
CVE-2024-3758
MEDIUMin OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer overflow.
CVE-2024-3757
LOWin OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through integer overflow.
CVE-2024-31078
LOWin OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL pointer dereference.
CVE-2024-23808
MEDIUMin OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free or cause DOS through NULL pointer dereference.
CVE-2024-27217
MEDIUMin OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free.
CVE-2024-29086
LOWin OpenHarmony v3.2.4 and prior versions allow a local attacker cause DOS through stack overflow.
CVE-2024-28951
MEDIUMin OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free.
CVE-2024-28226
HIGHin OpenHarmony v4.0.0 and prior versions allow a remote attacker cause DOS through improper input.
CVE-2024-24581
MEDIUMin OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution through out-of-bounds write.
CVE-2024-22092
HIGHin OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification to install apps, although these require user action.
CVE-2024-29074
MEDIUMin OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through improper input.
CVE-2024-22180
LOWin OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through use after free.
CVE-2024-22098
MEDIUMin OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free.
CVE-2024-22177
LOWin OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through get permission.
CVE-2024-21834
LOWin OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through type confusion.
CVE-2024-21826
MEDIUMin OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak through insecure storage.
CVE-2024-21816
MEDIUMin OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through improper preservation of permissions.
CVE-2023-49602
LOWin OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through type confusion.
CVE-2023-46708
MEDIUMin OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free.
Showing 1 to 50 of 97 vulnerabilities