Harmonyos
by Huawei
CVEs (1,067)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-54624 | 0.00 | — | 0.00 | Aug 6, 2025 | Unexpected injection event vulnerability in the multimodalinput module. Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-54623 | 0.00 | — | 0.00 | Aug 6, 2025 | Out-of-bounds read vulnerability in the devicemanager module. Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-54622 | 0.00 | — | 0.00 | Aug 6, 2025 | Binding authentication bypass vulnerability in the devicemanager module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2025-54621 | 0.00 | — | 0.00 | Aug 6, 2025 | Iterator failure issue in the WantAgent module. Impact: Successful exploitation of this vulnerability may cause memory release failures. | |||
| CVE-2025-54620 | 0.00 | — | 0.00 | Aug 6, 2025 | Deserialization vulnerability of untrusted data in the ability module. Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-54619 | 0.00 | — | 0.00 | Aug 6, 2025 | Iterator failure issue in the multi-mode input module. Impact: Successful exploitation of this vulnerability may cause iterator failures and affect availability. | |||
| CVE-2025-54618 | 0.00 | — | 0.00 | Aug 6, 2025 | Permission control vulnerability in the distributed clipboard module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2025-54617 | 0.00 | — | 0.00 | Aug 6, 2025 | Stack-based buffer overflow vulnerability in the dms_fwk module. Impact: Successful exploitation of this vulnerability can cause RCE. | |||
| CVE-2025-54616 | 0.00 | — | 0.00 | Aug 6, 2025 | Out-of-bounds array access vulnerability in the ArkUI framework. Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-54615 | 0.00 | — | 0.00 | Aug 6, 2025 | Vulnerability of insufficient information protection in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2025-54614 | 0.00 | — | 0.00 | Aug 6, 2025 | Input verification vulnerability in the home screen module. Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-54613 | 0.00 | — | 0.00 | Aug 6, 2025 | Iterator failure vulnerability in the card management module. Impact: Successful exploitation of this vulnerability may affect function stability. | |||
| CVE-2025-54612 | 0.00 | — | 0.00 | Aug 6, 2025 | Iterator failure vulnerability in the card management module. Impact: Successful exploitation of this vulnerability may affect function stability. | |||
| CVE-2025-54611 | 0.00 | — | 0.00 | Aug 6, 2025 | EXTRA_REFERRER resource read vulnerability in the Gallery module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2025-54610 | 0.00 | — | 0.00 | Aug 6, 2025 | Out-of-bounds access vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-54609 | 0.00 | — | 0.00 | Aug 6, 2025 | Out-of-bounds access vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2025-54608 | 0.00 | — | 0.00 | Aug 6, 2025 | Vulnerability that allows setting screen rotation direction without permission verification in the screen management module. Impact: Successful exploitation of this vulnerability may cause device screen orientation to be arbitrarily set. | |||
| CVE-2025-54607 | 0.00 | — | 0.00 | Aug 6, 2025 | Authentication management vulnerability in the ArkWeb module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2025-54606 | 0.00 | — | 0.00 | Aug 6, 2025 | Status verification vulnerability in the lock screen module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. | |||
| CVE-2025-54655 | 0.00 | — | 0.00 | Aug 6, 2025 | Race condition vulnerability in the virtualization base module. Successful exploitation of this vulnerability may affect the confidentiality and integrity of the virtualization graphics module. |
- CVE-2025-54624Aug 6, 2025risk 0.00cvss —epss 0.00
Unexpected injection event vulnerability in the multimodalinput module. Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-54623Aug 6, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read vulnerability in the devicemanager module. Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-54622Aug 6, 2025risk 0.00cvss —epss 0.00
Binding authentication bypass vulnerability in the devicemanager module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2025-54621Aug 6, 2025risk 0.00cvss —epss 0.00
Iterator failure issue in the WantAgent module. Impact: Successful exploitation of this vulnerability may cause memory release failures.
- CVE-2025-54620Aug 6, 2025risk 0.00cvss —epss 0.00
Deserialization vulnerability of untrusted data in the ability module. Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-54619Aug 6, 2025risk 0.00cvss —epss 0.00
Iterator failure issue in the multi-mode input module. Impact: Successful exploitation of this vulnerability may cause iterator failures and affect availability.
- CVE-2025-54618Aug 6, 2025risk 0.00cvss —epss 0.00
Permission control vulnerability in the distributed clipboard module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2025-54617Aug 6, 2025risk 0.00cvss —epss 0.00
Stack-based buffer overflow vulnerability in the dms_fwk module. Impact: Successful exploitation of this vulnerability can cause RCE.
- CVE-2025-54616Aug 6, 2025risk 0.00cvss —epss 0.00
Out-of-bounds array access vulnerability in the ArkUI framework. Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-54615Aug 6, 2025risk 0.00cvss —epss 0.00
Vulnerability of insufficient information protection in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2025-54614Aug 6, 2025risk 0.00cvss —epss 0.00
Input verification vulnerability in the home screen module. Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-54613Aug 6, 2025risk 0.00cvss —epss 0.00
Iterator failure vulnerability in the card management module. Impact: Successful exploitation of this vulnerability may affect function stability.
- CVE-2025-54612Aug 6, 2025risk 0.00cvss —epss 0.00
Iterator failure vulnerability in the card management module. Impact: Successful exploitation of this vulnerability may affect function stability.
- CVE-2025-54611Aug 6, 2025risk 0.00cvss —epss 0.00
EXTRA_REFERRER resource read vulnerability in the Gallery module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2025-54610Aug 6, 2025risk 0.00cvss —epss 0.00
Out-of-bounds access vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-54609Aug 6, 2025risk 0.00cvss —epss 0.00
Out-of-bounds access vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-54608Aug 6, 2025risk 0.00cvss —epss 0.00
Vulnerability that allows setting screen rotation direction without permission verification in the screen management module. Impact: Successful exploitation of this vulnerability may cause device screen orientation to be arbitrarily set.
- CVE-2025-54607Aug 6, 2025risk 0.00cvss —epss 0.00
Authentication management vulnerability in the ArkWeb module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2025-54606Aug 6, 2025risk 0.00cvss —epss 0.00
Status verification vulnerability in the lock screen module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
- CVE-2025-54655Aug 6, 2025risk 0.00cvss —epss 0.00
Race condition vulnerability in the virtualization base module. Successful exploitation of this vulnerability may affect the confidentiality and integrity of the virtualization graphics module.
Page 9 of 54