HarmonyOS
by HarmonyOS
CVEs (51)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-22424 | Med | 0.36 | 5.5 | 0.00 | Aug 3, 2021 | A component of the HarmonyOS has a Kernel Memory Leakage Vulnerability. Local attackers may exploit this vulnerability to cause Kernel Denial of Service. | ||
| CVE-2021-22419 | Med | 0.36 | 5.5 | 0.00 | Aug 3, 2021 | A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to cause persistent dos. | ||
| CVE-2021-22417 | Med | 0.36 | 5.5 | 0.00 | Aug 3, 2021 | A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Memory Leakage. | ||
| CVE-2021-22318 | Med | 0.36 | 5.5 | 0.00 | Jul 14, 2021 | A component of the HarmonyOS 2.0 has a Null Pointer Dereference Vulnerability. Local attackers may exploit this vulnerability to cause system denial of service. | ||
| CVE-2021-22296 | Med | 0.36 | 5.5 | 0.00 | Mar 2, 2021 | A component of HarmonyOS 2.0 has a DoS vulnerability. Local attackers may exploit this vulnerability to mount a file system to the target device, causing DoS of the file system. | ||
| CVE-2021-37132 | Med | 0.34 | 5.3 | 0.01 | Jan 3, 2022 | PackageManagerService has a Permissions, Privileges, and Access Controls vulnerability .Successful exploitation of this vulnerability may cause that Third-party apps can obtain the complete list of Harmony apps without permission. | ||
| CVE-2021-22468 | Low | 0.21 | 3.3 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability. Local attackers may exploit this vulnerability to cause kernel address leakage. | ||
| CVE-2021-22464 | Low | 0.21 | 3.3 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Out-of-bounds Read vulnerability. Local attackers may exploit this vulnerability to cause system Soft Restart. | ||
| CVE-2021-22457 | Low | 0.21 | 3.3 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to cause out-of-bounds write. | ||
| CVE-2021-22453 | Low | 0.21 | 3.3 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash. | ||
| CVE-2021-22294 | Low | 0.21 | 3.3 | 0.00 | Mar 2, 2021 | A component API of the HarmonyOS 2.0 has a permission bypass vulnerability. Local attackers may exploit this vulnerability to issue commands repeatedly, exhausting system service resources. |
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Kernel Memory Leakage Vulnerability. Local attackers may exploit this vulnerability to cause Kernel Denial of Service.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to cause persistent dos.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Memory Leakage.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS 2.0 has a Null Pointer Dereference Vulnerability. Local attackers may exploit this vulnerability to cause system denial of service.
- risk 0.36cvss 5.5epss 0.00
A component of HarmonyOS 2.0 has a DoS vulnerability. Local attackers may exploit this vulnerability to mount a file system to the target device, causing DoS of the file system.
- risk 0.34cvss 5.3epss 0.01
PackageManagerService has a Permissions, Privileges, and Access Controls vulnerability .Successful exploitation of this vulnerability may cause that Third-party apps can obtain the complete list of Harmony apps without permission.
- risk 0.21cvss 3.3epss 0.00
A component of the HarmonyOS has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability. Local attackers may exploit this vulnerability to cause kernel address leakage.
- risk 0.21cvss 3.3epss 0.00
A component of the HarmonyOS has a Out-of-bounds Read vulnerability. Local attackers may exploit this vulnerability to cause system Soft Restart.
- risk 0.21cvss 3.3epss 0.00
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to cause out-of-bounds write.
- risk 0.21cvss 3.3epss 0.00
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash.
- risk 0.21cvss 3.3epss 0.00
A component API of the HarmonyOS 2.0 has a permission bypass vulnerability. Local attackers may exploit this vulnerability to issue commands repeatedly, exhausting system service resources.
Page 3 of 3