VYPR

Openharmony

by OpenHarmony

CVEs (178)

  • CVE-2025-22835LowMar 4, 2025
    risk 0.25cvss 3.8epss 0.00

    in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.

  • CVE-2025-21084LowMar 4, 2025
    risk 0.25cvss 3.8epss 0.00

    in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through through NULL pointer dereference.. This vulnerability can be exploited only in restricted scenarios.

  • CVE-2025-20626LowMar 4, 2025
    risk 0.25cvss 3.8epss 0.00

    in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.

  • CVE-2025-20091LowMar 4, 2025
    risk 0.25cvss 3.8epss 0.00

    in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.

  • CVE-2025-20081LowMar 4, 2025
    risk 0.25cvss 3.8epss 0.00

    in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.

  • CVE-2025-20024LowMar 4, 2025
    risk 0.25cvss 3.8epss 0.00

    in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios.

  • CVE-2025-0587LowMar 4, 2025
    risk 0.25cvss 3.8epss 0.00

    in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios.

  • CVE-2023-4753LowSep 21, 2023
    risk 0.25cvss 3.9epss 0.00

    OpenHarmony v3.2.1 and prior version has a system call function usage error. Local attackers can crash kernel by the error input.

  • CVE-2026-33565LowMay 19, 2026
    risk 0.21cvss 3.3epss 0.00

    in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.

  • CVE-2026-28751LowMay 19, 2026
    risk 0.21cvss 3.3epss 0.00

    in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.

  • CVE-2026-27781LowMay 19, 2026
    risk 0.21cvss 3.3epss 0.00

    in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.

  • CVE-2026-25110LowMay 19, 2026
    risk 0.21cvss 3.3epss 0.00

    in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.

  • CVE-2025-27563LowJun 8, 2025
    risk 0.21cvss 3.3epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.

  • CVE-2025-27242LowJun 8, 2025
    risk 0.21cvss 3.3epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.

  • CVE-2025-26693LowJun 8, 2025
    risk 0.21cvss 3.3epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.

  • CVE-2025-25217LowJun 8, 2025
    risk 0.21cvss 3.3epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.

  • CVE-2025-23235LowJun 8, 2025
    risk 0.21cvss 3.3epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through out-of-bounds read.

  • CVE-2025-21082LowJun 8, 2025
    risk 0.21cvss 3.3epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.

  • CVE-2025-20063LowJun 8, 2025
    risk 0.21cvss 3.3epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.

  • CVE-2025-27248LowMay 6, 2025
    risk 0.21cvss 3.3epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.

Page 6 of 9