VYPR

HarmonyOS

by HarmonyOS

CVEs (51)

  • CVE-2022-48479CriMay 26, 2023
    risk 0.64cvss 9.8epss 0.00

    The facial recognition TA of some products has the out-of-bounds memory read vulnerability. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service.

  • CVE-2022-48478CriMay 26, 2023
    risk 0.64cvss 9.8epss 0.00

    The facial recognition TA of some products lacks memory length verification. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service.

  • CVE-2022-46316CriDec 20, 2022
    risk 0.64cvss 9.8epss 0.00

    A thread security vulnerability exists in the authentication process. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability.

  • CVE-2022-38982CriOct 14, 2022
    risk 0.64cvss 9.8epss 0.01

    The fingerprint module has service logic errors.Successful exploitation of this vulnerability will cause the phone lock to be cracked.

  • CVE-2021-22480CriFeb 25, 2022
    risk 0.64cvss 9.8epss 0.01

    The interface of a certain HarmonyOS module has an integer overflow vulnerability. Successful exploitation of this vulnerability may lead to heap memory overflow.

  • CVE-2021-22376HigJun 30, 2021
    risk 0.55cvss 8.4epss 0.00

    A component of the HarmonyOS has a Improper Privilege Management vulnerability. Local attackers may exploit this vulnerability to bypass user restrictions.

  • CVE-2021-37134HigJan 3, 2022
    risk 0.53cvss 8.1epss 0.00

    Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for invoking the interface of location-related components.

  • CVE-2021-22470HigOct 28, 2021
    risk 0.51cvss 7.8epss 0.00

    A component of the HarmonyOS has a Privileges Controls vulnerability. Local attackers may exploit this vulnerability to expand the Recording Trusted Domain.

  • CVE-2021-22458HigOct 28, 2021
    risk 0.51cvss 7.8epss 0.00

    A component of the HarmonyOS has a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability. Local attackers may exploit this vulnerability to cause arbitrary code execution.

  • CVE-2021-22451HigOct 28, 2021
    risk 0.51cvss 7.8epss 0.00

    A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting.

  • CVE-2021-22425HigAug 3, 2021
    risk 0.51cvss 7.8epss 0.00

    A component of the HarmonyOS has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevating Privileges.

  • CVE-2021-22423HigAug 3, 2021
    risk 0.51cvss 7.8epss 0.00

    A component of the HarmonyOS has a Out-of-bounds Write Vulnerability. Local attackers may exploit this vulnerability to cause integer overflow.

  • CVE-2021-22422HigAug 3, 2021
    risk 0.51cvss 7.8epss 0.00

    A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting.

  • CVE-2021-22421HigAug 3, 2021
    risk 0.51cvss 7.8epss 0.00

    A component of the HarmonyOS has a Improper Privilege Management vulnerability. Local attackers may exploit this vulnerability to cause further Elevation of Privileges.

  • CVE-2021-22420HigAug 3, 2021
    risk 0.51cvss 7.8epss 0.00

    A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause the underlying trust of the application trustlist mechanism is missing..

  • CVE-2021-22418HigAug 3, 2021
    risk 0.51cvss 7.8epss 0.00

    A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting.

  • CVE-2021-22416HigAug 3, 2021
    risk 0.51cvss 7.8epss 0.00

    A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution.

  • CVE-2021-40004HigJan 10, 2022
    risk 0.49cvss 7.5epss 0.01

    The cellular module has a vulnerability in permission management. Successful exploitation of this vulnerability may affect data confidentiality.

  • CVE-2021-39975HigJan 3, 2022
    risk 0.49cvss 7.5epss 0.01

    Hilinksvc has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause denial of service attacks.

  • CVE-2021-37126HigJan 3, 2022
    risk 0.49cvss 7.5epss 0.01

    Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause the directory is traversed.

Page 1 of 3