HarmonyOS
by HarmonyOS
CVEs (51)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-22469 | Hig | 0.46 | 7.1 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Out-of-bounds Read vulnerability. Local attackers may exploit this vulnerability to cause kernel out-of-bounds read. | ||
| CVE-2021-22326 | Hig | 0.46 | 7.1 | 0.00 | Jun 30, 2021 | A component of the HarmonyOS has a Privilege Dropping / Lowering Errors vulnerability. Local attackers may exploit this vulnerability to obtain Kernel space read/write capability. | ||
| CVE-2022-41590 | Med | 0.36 | 5.5 | 0.00 | Dec 20, 2022 | Some smartphones have authentication-related (including session management) vulnerabilities as the setup wizard is bypassed. Successful exploitation of this vulnerability affects the smartphone availability. | ||
| CVE-2021-22479 | Med | 0.36 | 5.5 | 0.00 | Feb 25, 2022 | The interface of a certain HarmonyOS module has an invalid address access vulnerability. Successful exploitation of this vulnerability may lead to kernel crash. | ||
| CVE-2021-22478 | Med | 0.36 | 5.5 | 0.00 | Feb 25, 2022 | The interface of a certain HarmonyOS module has a UAF vulnerability. Successful exploitation of this vulnerability may lead to information leakage. | ||
| CVE-2021-22471 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash. | ||
| CVE-2021-22467 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address. | ||
| CVE-2021-22466 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Use After Free vulnerability. Local attackers may exploit this vulnerability to cause kernel crash. | ||
| CVE-2021-22465 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Heap-based Buffer Overflow vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable. | ||
| CVE-2021-22463 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Use After Free vulnerability . Local attackers may exploit this vulnerability to cause Kernel Information disclosure. | ||
| CVE-2021-22462 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause kernel crash. | ||
| CVE-2021-22461 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Allocation of Resources Without Limits or Throttling vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash. | ||
| CVE-2021-22460 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to bypass the control mechanism. | ||
| CVE-2021-22459 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause System functions which are unavailable. | ||
| CVE-2021-22456 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable. | ||
| CVE-2021-22455 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause the memory which is not released. | ||
| CVE-2021-22454 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause core dump. | ||
| CVE-2021-22452 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address. | ||
| CVE-2021-22450 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Incomplete Cleanup vulnerability. Local attackers may exploit this vulnerability to cause memory exhaustion. | ||
| CVE-2021-22295 | Med | 0.36 | 5.5 | 0.00 | Aug 6, 2021 | A component of the HarmonyOS has a permission bypass vulnerability. Local attackers may exploit this vulnerability to cause the device to hang due to the page error OsVmPageFaultHandler. |
- risk 0.46cvss 7.1epss 0.00
A component of the HarmonyOS has a Out-of-bounds Read vulnerability. Local attackers may exploit this vulnerability to cause kernel out-of-bounds read.
- risk 0.46cvss 7.1epss 0.00
A component of the HarmonyOS has a Privilege Dropping / Lowering Errors vulnerability. Local attackers may exploit this vulnerability to obtain Kernel space read/write capability.
- risk 0.36cvss 5.5epss 0.00
Some smartphones have authentication-related (including session management) vulnerabilities as the setup wizard is bypassed. Successful exploitation of this vulnerability affects the smartphone availability.
- risk 0.36cvss 5.5epss 0.00
The interface of a certain HarmonyOS module has an invalid address access vulnerability. Successful exploitation of this vulnerability may lead to kernel crash.
- risk 0.36cvss 5.5epss 0.00
The interface of a certain HarmonyOS module has a UAF vulnerability. Successful exploitation of this vulnerability may lead to information leakage.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Use After Free vulnerability. Local attackers may exploit this vulnerability to cause kernel crash.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Heap-based Buffer Overflow vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Use After Free vulnerability . Local attackers may exploit this vulnerability to cause Kernel Information disclosure.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause kernel crash.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Allocation of Resources Without Limits or Throttling vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to bypass the control mechanism.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause System functions which are unavailable.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause the memory which is not released.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause core dump.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Incomplete Cleanup vulnerability. Local attackers may exploit this vulnerability to cause memory exhaustion.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a permission bypass vulnerability. Local attackers may exploit this vulnerability to cause the device to hang due to the page error OsVmPageFaultHandler.
Page 2 of 3