Harmonyos
by Huawei
CVEs (1,067)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-58286 | 0.00 | — | 0.00 | Oct 11, 2025 | Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-58285 | 0.00 | — | 0.00 | Oct 11, 2025 | Permission control vulnerability in the media module. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2025-58284 | 0.00 | — | 0.00 | Oct 11, 2025 | Permission control vulnerability in the network module. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2025-58283 | 0.00 | — | 0.00 | Oct 11, 2025 | Permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2025-58282 | 0.00 | — | 0.00 | Oct 11, 2025 | Permission control vulnerability in the camera module. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2025-58278 | 0.00 | — | 0.00 | Oct 11, 2025 | Identity authentication bypass vulnerability in the Gallery app. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2025-58277 | 0.00 | — | 0.00 | Oct 11, 2025 | Permission verification bypass vulnerability in the Camera app. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2025-54654 | 0.00 | — | 0.00 | Oct 11, 2025 | Permission control vulnerability in the Gallery module. Successful exploitation of this vulnerability may affect service confidentiality | |||
| CVE-2025-58313 | 0.00 | — | 0.00 | Sep 5, 2025 | Race condition vulnerability in the device standby module. Impact: Successful exploitation of this vulnerability may cause feature exceptions of the device standby module. | |||
| CVE-2025-58296 | 0.00 | — | 0.00 | Sep 5, 2025 | Race condition vulnerability in the audio module. Impact: Successful exploitation of this vulnerability may affect function stability. | |||
| CVE-2025-58281 | 0.00 | — | 0.00 | Sep 5, 2025 | Out-of-bounds read vulnerability in the runtime interpreter module. Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-58280 | 0.00 | — | 0.00 | Sep 5, 2025 | Vulnerability of exposing object heap addresses in the Ark eTS module. Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-58276 | 0.00 | — | 0.00 | Sep 5, 2025 | Permission verification vulnerability in the home screen module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-54651 | 0.00 | — | 0.00 | Aug 6, 2025 | Race condition vulnerability in the kernel hufs module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2025-54650 | 0.00 | — | 0.00 | Aug 6, 2025 | Improper array index verification vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect the audio decoding function. | |||
| CVE-2025-54649 | 0.00 | — | 0.00 | Aug 6, 2025 | Vulnerability of using incompatible types to access resources in the location service. Impact: Successful exploitation of this vulnerability may cause some location information attributes to be incorrect. | |||
| CVE-2025-54648 | 0.00 | — | 0.00 | Aug 6, 2025 | Out-of-bounds read vulnerability in the SSAP module of the NearLink protocol stack. Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-54647 | 0.00 | — | 0.00 | Aug 6, 2025 | Out-of-bounds read vulnerability in the SSAP module of the NearLink protocol stack. Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-54646 | 0.00 | — | 0.00 | Aug 6, 2025 | Vulnerability of inadequate packet length check in the BLE module. Impact: Successful exploitation of this vulnerability may affect performance. | |||
| CVE-2025-54645 | 0.00 | — | 0.00 | Aug 6, 2025 | Out-of-bounds array access issue due to insufficient data verification in the location service module. Impact: Successful exploitation of this vulnerability may affect availability. |
- CVE-2025-58286Oct 11, 2025risk 0.00cvss —epss 0.00
Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability.
- CVE-2025-58285Oct 11, 2025risk 0.00cvss —epss 0.00
Permission control vulnerability in the media module. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2025-58284Oct 11, 2025risk 0.00cvss —epss 0.00
Permission control vulnerability in the network module. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2025-58283Oct 11, 2025risk 0.00cvss —epss 0.00
Permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2025-58282Oct 11, 2025risk 0.00cvss —epss 0.00
Permission control vulnerability in the camera module. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2025-58278Oct 11, 2025risk 0.00cvss —epss 0.00
Identity authentication bypass vulnerability in the Gallery app. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2025-58277Oct 11, 2025risk 0.00cvss —epss 0.00
Permission verification bypass vulnerability in the Camera app. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2025-54654Oct 11, 2025risk 0.00cvss —epss 0.00
Permission control vulnerability in the Gallery module. Successful exploitation of this vulnerability may affect service confidentiality
- CVE-2025-58313Sep 5, 2025risk 0.00cvss —epss 0.00
Race condition vulnerability in the device standby module. Impact: Successful exploitation of this vulnerability may cause feature exceptions of the device standby module.
- CVE-2025-58296Sep 5, 2025risk 0.00cvss —epss 0.00
Race condition vulnerability in the audio module. Impact: Successful exploitation of this vulnerability may affect function stability.
- CVE-2025-58281Sep 5, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read vulnerability in the runtime interpreter module. Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-58280Sep 5, 2025risk 0.00cvss —epss 0.00
Vulnerability of exposing object heap addresses in the Ark eTS module. Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-58276Sep 5, 2025risk 0.00cvss —epss 0.00
Permission verification vulnerability in the home screen module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-54651Aug 6, 2025risk 0.00cvss —epss 0.00
Race condition vulnerability in the kernel hufs module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2025-54650Aug 6, 2025risk 0.00cvss —epss 0.00
Improper array index verification vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect the audio decoding function.
- CVE-2025-54649Aug 6, 2025risk 0.00cvss —epss 0.00
Vulnerability of using incompatible types to access resources in the location service. Impact: Successful exploitation of this vulnerability may cause some location information attributes to be incorrect.
- CVE-2025-54648Aug 6, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read vulnerability in the SSAP module of the NearLink protocol stack. Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-54647Aug 6, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read vulnerability in the SSAP module of the NearLink protocol stack. Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-54646Aug 6, 2025risk 0.00cvss —epss 0.00
Vulnerability of inadequate packet length check in the BLE module. Impact: Successful exploitation of this vulnerability may affect performance.
- CVE-2025-54645Aug 6, 2025risk 0.00cvss —epss 0.00
Out-of-bounds array access issue due to insufficient data verification in the location service module. Impact: Successful exploitation of this vulnerability may affect availability.
Page 7 of 54