Harmonyos
by Huawei
CVEs (1,067)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-57957 | 0.00 | — | 0.00 | Feb 6, 2025 | Vulnerability of improper log information control in the UI framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2024-57956 | 0.00 | — | 0.00 | Feb 6, 2025 | Out-of-bounds read vulnerability in the interpreter string module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2024-57955 | 0.00 | — | 0.00 | Feb 6, 2025 | Arbitrary write vulnerability in the Gallery module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2024-57954 | 0.00 | — | 0.00 | Feb 6, 2025 | Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2024-54121 | 0.00 | — | 0.00 | Jan 8, 2025 | Startup control vulnerability in the ability module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. | |||
| CVE-2024-56456 | 0.00 | — | 0.00 | Jan 8, 2025 | Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2024-56455 | 0.00 | — | 0.00 | Jan 8, 2025 | Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2024-56454 | 0.00 | — | 0.00 | Jan 8, 2025 | Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2024-56453 | 0.00 | — | 0.00 | Jan 8, 2025 | Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2024-56452 | 0.00 | — | 0.00 | Jan 8, 2025 | Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2024-56451 | 0.00 | — | 0.00 | Jan 8, 2025 | Integer overflow vulnerability during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2024-56450 | 0.00 | — | 0.00 | Jan 8, 2025 | Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2024-56449 | 0.00 | — | 0.00 | Jan 8, 2025 | Privilege escalation vulnerability in the Account module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2024-56448 | 0.00 | — | 0.00 | Jan 8, 2025 | Vulnerability of improper access control in the home screen widget module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2024-56447 | 0.00 | — | 0.00 | Jan 8, 2025 | Vulnerability of improper permission control in the window management module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2024-56446 | 0.00 | — | 0.00 | Jan 8, 2025 | Vulnerability of variables not being initialized in the notification module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2024-56445 | 0.00 | — | 0.00 | Jan 8, 2025 | Instruction authentication bypass vulnerability in the Findnetwork module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. | |||
| CVE-2024-56444 | 0.00 | — | 0.00 | Jan 8, 2025 | Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2024-56443 | 0.00 | — | 0.00 | Jan 8, 2025 | Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2024-54120 | 0.00 | — | 0.00 | Jan 8, 2025 | Race condition vulnerability in the distributed notification module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. |
- CVE-2024-57957Feb 6, 2025risk 0.00cvss —epss 0.00
Vulnerability of improper log information control in the UI framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2024-57956Feb 6, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read vulnerability in the interpreter string module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2024-57955Feb 6, 2025risk 0.00cvss —epss 0.00
Arbitrary write vulnerability in the Gallery module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2024-57954Feb 6, 2025risk 0.00cvss —epss 0.00
Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2024-54121Jan 8, 2025risk 0.00cvss —epss 0.00
Startup control vulnerability in the ability module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
- CVE-2024-56456Jan 8, 2025risk 0.00cvss —epss 0.00
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2024-56455Jan 8, 2025risk 0.00cvss —epss 0.00
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2024-56454Jan 8, 2025risk 0.00cvss —epss 0.00
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2024-56453Jan 8, 2025risk 0.00cvss —epss 0.00
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2024-56452Jan 8, 2025risk 0.00cvss —epss 0.00
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2024-56451Jan 8, 2025risk 0.00cvss —epss 0.00
Integer overflow vulnerability during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2024-56450Jan 8, 2025risk 0.00cvss —epss 0.00
Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2024-56449Jan 8, 2025risk 0.00cvss —epss 0.00
Privilege escalation vulnerability in the Account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2024-56448Jan 8, 2025risk 0.00cvss —epss 0.00
Vulnerability of improper access control in the home screen widget module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2024-56447Jan 8, 2025risk 0.00cvss —epss 0.00
Vulnerability of improper permission control in the window management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2024-56446Jan 8, 2025risk 0.00cvss —epss 0.00
Vulnerability of variables not being initialized in the notification module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2024-56445Jan 8, 2025risk 0.00cvss —epss 0.00
Instruction authentication bypass vulnerability in the Findnetwork module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
- CVE-2024-56444Jan 8, 2025risk 0.00cvss —epss 0.00
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2024-56443Jan 8, 2025risk 0.00cvss —epss 0.00
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2024-54120Jan 8, 2025risk 0.00cvss —epss 0.00
Race condition vulnerability in the distributed notification module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Page 14 of 54