VYPR

Vendor CVEs

OpenHarmony

All CVEs

179 total · sorted by risk
  • CVE-2024-29086LowApr 2, 2024
    risk 0.21cvss 3.3epss 0.00

    in OpenHarmony v3.2.4 and prior versions allow a local attacker cause DOS through stack overflow.

  • CVE-2024-22180LowApr 2, 2024
    risk 0.21cvss 3.3epss 0.00

    in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through use after free.

  • CVE-2024-22177LowApr 2, 2024
    risk 0.21cvss 3.3epss 0.00

    in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through get permission.

  • CVE-2024-21834LowApr 2, 2024
    risk 0.21cvss 3.3epss 0.00

    in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through type confusion.

  • CVE-2021-22294LowMar 2, 2021
    risk 0.21cvss 3.3epss 0.00

    A component API of the HarmonyOS 2.0 has a permission bypass vulnerability. Local attackers may exploit this vulnerability to issue commands repeatedly, exhausting system service resources.

  • CVE-2023-49602LowMar 4, 2024
    risk 0.19cvss 2.9epss 0.00

    in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through type confusion.

  • CVE-2023-25176LowMar 4, 2024
    risk 0.19cvss 2.9epss 0.00

    in OpenHarmony v3.2.4 and prior versions allow a local attacker cause information leak through out-of-bounds Read.

  • CVE-2024-21851LowFeb 2, 2024
    risk 0.19cvss 2.9epss 0.00

    in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through integer overflow.

  • CVE-2024-21845LowFeb 2, 2024
    risk 0.19cvss 2.9epss 0.00

    in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through integer overflow.

  • CVE-2023-49118LowFeb 2, 2024
    risk 0.19cvss 2.9epss 0.00

    in OpenHarmony v3.2.4 and prior versions allow a local attacker causes information leak through out-of-bounds Read.

  • CVE-2023-43756LowFeb 2, 2024
    risk 0.19cvss 2.9epss 0.00

    in OpenHarmony v3.2.4 and prior versions allow a local attacker causes information leak through out-of-bounds Read.

  • CVE-2023-47216LowJan 2, 2024
    risk 0.19cvss 2.9epss 0.00

    in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through occupy all resources

  • CVE-2025-6969Mar 16, 2026
    risk 0.00cvss epss 0.00

    in OpenHarmony v5.1.0 and prior versions allow a local attacker cause DOS through improper input.

  • CVE-2025-26474Mar 16, 2026
    risk 0.00cvss epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information improper input. This vulnerability can be exploited only in restricted scenarios.

  • CVE-2025-52458Mar 16, 2026
    risk 0.00cvss epss 0.00

    in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.

  • CVE-2025-41432Mar 16, 2026
    risk 0.00cvss epss 0.00

    in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.

  • CVE-2025-25277Mar 16, 2026
    risk 0.00cvss epss 0.00

    in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through using incompatible type. This vulnerability can be exploited only in restricted scenarios.

  • CVE-2025-12736Mar 16, 2026
    risk 0.00cvss epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker case sensitive information leak through use of uninitialized resource.

  • CVE-2026-0639Mar 16, 2026
    risk 0.00cvss epss 0.00

    in OpenHarmony v6.0 and prior versions allow a local attacker case DOS through missing release of memory.

  • CVE-2025-27562Aug 11, 2025
    risk 0.00cvss epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.

  • CVE-2025-27128Aug 11, 2025
    risk 0.00cvss epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free.

  • CVE-2025-25212Aug 11, 2025
    risk 0.00cvss epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through improper input.

  • CVE-2025-24844Aug 11, 2025
    risk 0.00cvss epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.

  • CVE-2025-27536Aug 11, 2025
    risk 0.00cvss epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through type confusion.

  • CVE-2025-26690Aug 11, 2025
    risk 0.00cvss epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.

  • CVE-2025-24925Aug 11, 2025
    risk 0.00cvss epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.

  • CVE-2025-24298Aug 11, 2025
    risk 0.00cvss epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free.

  • CVE-2025-25278Aug 11, 2025
    risk 0.00cvss epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition.

  • CVE-2025-27577Aug 11, 2025
    risk 0.00cvss epss 0.00

    in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition.

Page 4 of 4