Openharmony
by OpenHarmony
CVEs (178)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-22835 | Low | 0.25 | 3.8 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios. | ||
| CVE-2025-21084 | Low | 0.25 | 3.8 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through through NULL pointer dereference.. This vulnerability can be exploited only in restricted scenarios. | ||
| CVE-2025-20626 | Low | 0.25 | 3.8 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios. | ||
| CVE-2025-20091 | Low | 0.25 | 3.8 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios. | ||
| CVE-2025-20081 | Low | 0.25 | 3.8 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios. | ||
| CVE-2025-20024 | Low | 0.25 | 3.8 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios. | ||
| CVE-2025-0587 | Low | 0.25 | 3.8 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios. | ||
| CVE-2023-4753 | Low | 0.25 | 3.9 | 0.00 | Sep 21, 2023 | OpenHarmony v3.2.1 and prior version has a system call function usage error. Local attackers can crash kernel by the error input. | ||
| CVE-2026-33565 | Low | 0.21 | 3.3 | 0.00 | May 19, 2026 | in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. | ||
| CVE-2026-28751 | Low | 0.21 | 3.3 | 0.00 | May 19, 2026 | in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. | ||
| CVE-2026-27781 | Low | 0.21 | 3.3 | 0.00 | May 19, 2026 | in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. | ||
| CVE-2026-25110 | Low | 0.21 | 3.3 | 0.00 | May 19, 2026 | in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. | ||
| CVE-2025-27563 | Low | 0.21 | 3.3 | 0.00 | Jun 8, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission. | ||
| CVE-2025-27242 | Low | 0.21 | 3.3 | 0.00 | Jun 8, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input. | ||
| CVE-2025-26693 | Low | 0.21 | 3.3 | 0.00 | Jun 8, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission. | ||
| CVE-2025-25217 | Low | 0.21 | 3.3 | 0.00 | Jun 8, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. | ||
| CVE-2025-23235 | Low | 0.21 | 3.3 | 0.00 | Jun 8, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through out-of-bounds read. | ||
| CVE-2025-21082 | Low | 0.21 | 3.3 | 0.00 | Jun 8, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion. | ||
| CVE-2025-20063 | Low | 0.21 | 3.3 | 0.00 | Jun 8, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion. | ||
| CVE-2025-27248 | Low | 0.21 | 3.3 | 0.00 | May 6, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. |
- risk 0.25cvss 3.8epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
- risk 0.25cvss 3.8epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through through NULL pointer dereference.. This vulnerability can be exploited only in restricted scenarios.
- risk 0.25cvss 3.8epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
- risk 0.25cvss 3.8epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
- risk 0.25cvss 3.8epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
- risk 0.25cvss 3.8epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios.
- risk 0.25cvss 3.8epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios.
- risk 0.25cvss 3.9epss 0.00
OpenHarmony v3.2.1 and prior version has a system call function usage error. Local attackers can crash kernel by the error input.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through out-of-bounds read.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
Page 6 of 9