VYPR

Openharmony

by OpenHarmony

CVEs (178)

  • CVE-2025-26691MedJun 8, 2025
    risk 0.36cvss 5.5epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.

  • CVE-2025-24493MedJun 8, 2025
    risk 0.36cvss 5.5epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through race condition.

  • CVE-2025-21098MedMar 4, 2025
    risk 0.36cvss 5.5epss 0.00

    in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through out-of-bounds read bypass permission check.

  • CVE-2025-20042MedMar 4, 2025
    risk 0.36cvss 5.5epss 0.00

    in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through out-of-bounds read.

  • CVE-2025-0302MedFeb 7, 2025
    risk 0.36cvss 5.5epss 0.00

    in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through integer overflow.

  • CVE-2024-45070MedJan 7, 2025
    risk 0.36cvss 5.5epss 0.00

    in OpenHarmony v4.1.2 and prior versions allow a local attacker cause information leak through out-of-bounds Read.

  • CVE-2024-9978MedDec 3, 2024
    risk 0.36cvss 5.5epss 0.00

    in OpenHarmony v4.1.1 and prior versions allow a local attacker cause information leak through out-of-bounds Read.

  • CVE-2024-12082MedDec 3, 2024
    risk 0.36cvss 5.5epss 0.00

    in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.

  • CVE-2024-39806MedOct 8, 2024
    risk 0.36cvss 5.5epss 0.00

    in OpenHarmony v4.1.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.

  • CVE-2024-39612MedSep 2, 2024
    risk 0.36cvss 5.5epss 0.00

    in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.

  • CVE-2024-38382MedSep 2, 2024
    risk 0.36cvss 5.5epss 0.00

    in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.

  • CVE-2024-28951MedApr 2, 2024
    risk 0.36cvss 5.5epss 0.00

    in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free.

  • CVE-2023-24465MedMar 10, 2023
    risk 0.36cvss 5.5epss 0.00

    Communication Wi-Fi subsystem within OpenHarmony-v3.1.4 and prior versions, OpenHarmony-v3.0.7 and prior versions has a null pointer reference vulnerability which local attackers can exploit this vulnerability to cause the current application to crash.

  • CVE-2021-22296MedMar 2, 2021
    risk 0.36cvss 5.5epss 0.00

    A component of HarmonyOS 2.0 has a DoS vulnerability. Local attackers may exploit this vulnerability to mount a file system to the target device, causing DoS of the file system.

  • CVE-2024-23808MedMay 7, 2024
    risk 0.34cvss 5.2epss 0.00

    in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free or cause DOS through NULL pointer dereference.

  • CVE-2022-41686MedOct 14, 2022
    risk 0.33cvss 5.1epss 0.00

    OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound…

  • CVE-2024-21863MedFeb 2, 2024
    risk 0.31cvss 4.7epss 0.00

    in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through improper input.

  • CVE-2024-0285MedFeb 2, 2024
    risk 0.31cvss 4.7epss 0.00

    in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through improper input.

  • CVE-2024-54030MedJan 7, 2025
    risk 0.29cvss 4.4epss 0.00

    in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through use after free.

  • CVE-2024-39831MedOct 8, 2024
    risk 0.29cvss 4.4epss 0.00

    in OpenHarmony v4.1.0 allow a local attacker with high privileges arbitrary code execution in pre-installed apps through use after free.

Page 4 of 9