Harmonyos
by Huawei
CVEs (1,067)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-53169 | 0.00 | — | 0.00 | Jul 7, 2025 | Vulnerability of bypassing the process to start SA and use related functions on distributed cameras Impact: Successful exploitation of this vulnerability may allow the peer device to use the camera without user awareness. | |||
| CVE-2025-53168 | 0.00 | — | 0.00 | Jul 7, 2025 | Vulnerability of bypassing the process to start SA and use related functions on distributed cameras Impact: Successful exploitation of this vulnerability may allow the peer device to use the camera without user awareness. | |||
| CVE-2025-53167 | 0.00 | — | 0.00 | Jul 7, 2025 | Authentication vulnerability in the distributed collaboration framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2025-48908 | 0.00 | — | 0.00 | Jun 6, 2025 | Ability Auto Startup service vulnerability in the foundation process Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-48911 | 0.00 | — | 0.00 | Jun 6, 2025 | Vulnerability of improper permission assignment in the note sharing module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-48910 | 0.00 | — | 0.00 | Jun 6, 2025 | Buffer overflow vulnerability in the DFile module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-48909 | 0.00 | — | 0.00 | Jun 6, 2025 | Bypass vulnerability in the device management channel Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2024-58114 | 0.00 | — | 0.00 | Jun 6, 2025 | Resource allocation control failure vulnerability in the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-48907 | 0.00 | — | 0.00 | Jun 6, 2025 | Deserialization vulnerability in the IPC module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-48906 | 0.00 | — | 0.00 | Jun 6, 2025 | Authentication bypass vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-48905 | 0.00 | — | 0.00 | Jun 6, 2025 | Wasm exception capture vulnerability in the arkweb v8 module Impact: Successful exploitation of this vulnerability may cause the failure to capture specific Wasm exception types. | |||
| CVE-2025-48904 | 0.00 | — | 0.00 | Jun 6, 2025 | Vulnerability that cards can call unauthorized APIs in the FRS process Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-48903 | 0.00 | — | 0.00 | Jun 6, 2025 | Permission bypass vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-48902 | 0.00 | — | 0.00 | Jun 6, 2025 | Vulnerability of uncontrolled system resource applications in the setting module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-46593 | 0.00 | — | 0.00 | May 6, 2025 | Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-46592 | 0.00 | — | 0.00 | May 6, 2025 | Null pointer dereference vulnerability in the USB HDI driver module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-46591 | 0.00 | — | 0.00 | May 6, 2025 | Out-of-bounds data read vulnerability in the authorization module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2025-46590 | 0.00 | — | 0.00 | May 6, 2025 | Bypass vulnerability in the network search instruction authentication module Impact: Successful exploitation of this vulnerability can bypass authentication and enable access to some network search functions. | |||
| CVE-2025-46589 | 0.00 | — | 0.00 | May 6, 2025 | Vulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | |||
| CVE-2025-46588 | 0.00 | — | 0.00 | May 6, 2025 | Vulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. |
- CVE-2025-53169Jul 7, 2025risk 0.00cvss —epss 0.00
Vulnerability of bypassing the process to start SA and use related functions on distributed cameras Impact: Successful exploitation of this vulnerability may allow the peer device to use the camera without user awareness.
- CVE-2025-53168Jul 7, 2025risk 0.00cvss —epss 0.00
Vulnerability of bypassing the process to start SA and use related functions on distributed cameras Impact: Successful exploitation of this vulnerability may allow the peer device to use the camera without user awareness.
- CVE-2025-53167Jul 7, 2025risk 0.00cvss —epss 0.00
Authentication vulnerability in the distributed collaboration framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2025-48908Jun 6, 2025risk 0.00cvss —epss 0.00
Ability Auto Startup service vulnerability in the foundation process Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-48911Jun 6, 2025risk 0.00cvss —epss 0.00
Vulnerability of improper permission assignment in the note sharing module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-48910Jun 6, 2025risk 0.00cvss —epss 0.00
Buffer overflow vulnerability in the DFile module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-48909Jun 6, 2025risk 0.00cvss —epss 0.00
Bypass vulnerability in the device management channel Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2024-58114Jun 6, 2025risk 0.00cvss —epss 0.00
Resource allocation control failure vulnerability in the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-48907Jun 6, 2025risk 0.00cvss —epss 0.00
Deserialization vulnerability in the IPC module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-48906Jun 6, 2025risk 0.00cvss —epss 0.00
Authentication bypass vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-48905Jun 6, 2025risk 0.00cvss —epss 0.00
Wasm exception capture vulnerability in the arkweb v8 module Impact: Successful exploitation of this vulnerability may cause the failure to capture specific Wasm exception types.
- CVE-2025-48904Jun 6, 2025risk 0.00cvss —epss 0.00
Vulnerability that cards can call unauthorized APIs in the FRS process Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-48903Jun 6, 2025risk 0.00cvss —epss 0.00
Permission bypass vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-48902Jun 6, 2025risk 0.00cvss —epss 0.00
Vulnerability of uncontrolled system resource applications in the setting module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-46593May 6, 2025risk 0.00cvss —epss 0.00
Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-46592May 6, 2025risk 0.00cvss —epss 0.00
Null pointer dereference vulnerability in the USB HDI driver module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-46591May 6, 2025risk 0.00cvss —epss 0.00
Out-of-bounds data read vulnerability in the authorization module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2025-46590May 6, 2025risk 0.00cvss —epss 0.00
Bypass vulnerability in the network search instruction authentication module Impact: Successful exploitation of this vulnerability can bypass authentication and enable access to some network search functions.
- CVE-2025-46589May 6, 2025risk 0.00cvss —epss 0.00
Vulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
- CVE-2025-46588May 6, 2025risk 0.00cvss —epss 0.00
Vulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
Page 11 of 54