Vendor CVEs
OpenHarmony
All CVEs
179 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-22835 | Low | 0.25 | 3.8 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios. | ||
| CVE-2025-21084 | Low | 0.25 | 3.8 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through through NULL pointer dereference.. This vulnerability can be exploited only in restricted scenarios. | ||
| CVE-2025-20626 | Low | 0.25 | 3.8 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios. | ||
| CVE-2025-20091 | Low | 0.25 | 3.8 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios. | ||
| CVE-2025-20081 | Low | 0.25 | 3.8 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios. | ||
| CVE-2025-20024 | Low | 0.25 | 3.8 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios. | ||
| CVE-2025-0587 | Low | 0.25 | 3.8 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios. | ||
| CVE-2023-4753 | Low | 0.25 | 3.9 | 0.00 | Sep 21, 2023 | OpenHarmony v3.2.1 and prior version has a system call function usage error. Local attackers can crash kernel by the error input. | ||
| CVE-2026-33565 | Low | 0.21 | 3.3 | 0.00 | May 19, 2026 | in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. | ||
| CVE-2026-28751 | Low | 0.21 | 3.3 | 0.00 | May 19, 2026 | in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. | ||
| CVE-2026-27781 | Low | 0.21 | 3.3 | 0.00 | May 19, 2026 | in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. | ||
| CVE-2026-25110 | Low | 0.21 | 3.3 | 0.00 | May 19, 2026 | in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. | ||
| CVE-2025-27563 | Low | 0.21 | 3.3 | 0.00 | Jun 8, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission. | ||
| CVE-2025-27242 | Low | 0.21 | 3.3 | 0.00 | Jun 8, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input. | ||
| CVE-2025-26693 | Low | 0.21 | 3.3 | 0.00 | Jun 8, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission. | ||
| CVE-2025-25217 | Low | 0.21 | 3.3 | 0.00 | Jun 8, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. | ||
| CVE-2025-23235 | Low | 0.21 | 3.3 | 0.00 | Jun 8, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through out-of-bounds read. | ||
| CVE-2025-21082 | Low | 0.21 | 3.3 | 0.00 | Jun 8, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion. | ||
| CVE-2025-20063 | Low | 0.21 | 3.3 | 0.00 | Jun 8, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion. | ||
| CVE-2025-27248 | Low | 0.21 | 3.3 | 0.00 | May 6, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. | ||
| CVE-2025-27241 | Low | 0.21 | 3.3 | 0.00 | May 6, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. | ||
| CVE-2025-25218 | Low | 0.21 | 3.3 | 0.00 | May 6, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. | ||
| CVE-2025-25052 | Low | 0.21 | 3.3 | 0.00 | May 6, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through buffer overflow. | ||
| CVE-2025-22886 | Low | 0.21 | 3.3 | 0.00 | May 6, 2025 | in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. | ||
| CVE-2025-27534 | Low | 0.21 | 3.3 | 0.00 | Apr 7, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory. | ||
| CVE-2025-25057 | Low | 0.21 | 3.3 | 0.00 | Apr 7, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory. | ||
| CVE-2025-24304 | Low | 0.21 | 3.3 | 0.00 | Apr 7, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds write. | ||
| CVE-2025-22842 | Low | 0.21 | 3.3 | 0.00 | Apr 7, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | ||
| CVE-2025-22452 | Low | 0.21 | 3.3 | 0.00 | Apr 7, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | ||
| CVE-2025-20102 | Low | 0.21 | 3.3 | 0.00 | Apr 7, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | ||
| CVE-2025-23418 | Low | 0.21 | 3.3 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | ||
| CVE-2025-23234 | Low | 0.21 | 3.3 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow. | ||
| CVE-2025-22897 | Low | 0.21 | 3.3 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow. | ||
| CVE-2025-22847 | Low | 0.21 | 3.3 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | ||
| CVE-2025-22841 | Low | 0.21 | 3.3 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | ||
| CVE-2025-22837 | Low | 0.21 | 3.3 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer dereference. | ||
| CVE-2025-22443 | Low | 0.21 | 3.3 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | ||
| CVE-2025-21097 | Low | 0.21 | 3.3 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer dereference. | ||
| CVE-2025-21089 | Low | 0.21 | 3.3 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | ||
| CVE-2025-20021 | Low | 0.21 | 3.3 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | ||
| CVE-2025-20011 | Low | 0.21 | 3.3 | 0.00 | Mar 4, 2025 | in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory. | ||
| CVE-2024-47402 | Low | 0.21 | 3.3 | 0.00 | Nov 5, 2024 | in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through out-of-bounds read. | ||
| CVE-2024-45382 | Low | 0.21 | 3.3 | 0.00 | Oct 8, 2024 | in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds write. | ||
| CVE-2024-43697 | Low | 0.21 | 3.3 | 0.00 | Oct 8, 2024 | in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through improper input. | ||
| CVE-2024-43696 | Low | 0.21 | 3.3 | 0.00 | Oct 8, 2024 | in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS by memory leak. | ||
| CVE-2024-28044 | Low | 0.21 | 3.3 | 0.00 | Sep 2, 2024 | in OpenHarmony v4.1.0 and prior versions allow a local attacker cause crash through integer overflow. | ||
| CVE-2024-36278 | Low | 0.21 | 3.3 | 0.00 | Jul 2, 2024 | in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion. | ||
| CVE-2024-31071 | Low | 0.21 | 3.3 | 0.00 | Jul 2, 2024 | in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion. | ||
| CVE-2024-3757 | Low | 0.21 | 3.3 | 0.00 | May 7, 2024 | in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through integer overflow. | ||
| CVE-2024-31078 | Low | 0.21 | 3.3 | 0.00 | May 7, 2024 | in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL pointer dereference. |
- risk 0.25cvss 3.8epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
- risk 0.25cvss 3.8epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through through NULL pointer dereference.. This vulnerability can be exploited only in restricted scenarios.
- risk 0.25cvss 3.8epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
- risk 0.25cvss 3.8epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
- risk 0.25cvss 3.8epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
- risk 0.25cvss 3.8epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios.
- risk 0.25cvss 3.8epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios.
- risk 0.25cvss 3.9epss 0.00
OpenHarmony v3.2.1 and prior version has a system call function usage error. Local attackers can crash kernel by the error input.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through out-of-bounds read.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through buffer overflow.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds write.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer dereference.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer dereference.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through out-of-bounds read.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds write.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through improper input.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS by memory leak.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause crash through integer overflow.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through integer overflow.
- risk 0.21cvss 3.3epss 0.00
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL pointer dereference.
Page 3 of 4