Filtered by vendor Openatom Subscriptions
Total 60 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-21860 1 Openatom 1 Openharmony 2024-11-08 8.2 High
in OpenHarmony v4.0.0 and prior versions allow an adjacent attacker arbitrary code execution in any apps through use after free.
CVE-2024-47137 1 Openatom 1 Openharmony 2024-11-06 8.4 High
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write.
CVE-2024-47402 1 Openatom 1 Openharmony 2024-11-06 3.3 Low
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2024-47404 1 Openatom 1 Openharmony 2024-11-06 8.4 High
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through double free.
CVE-2024-47797 1 Openatom 1 Openharmony 2024-11-06 8.4 High
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write.
CVE-2024-45382 1 Openatom 1 Openharmony 2024-10-16 3.3 Low
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds write.
CVE-2024-43697 1 Openatom 1 Openharmony 2024-10-16 3.3 Low
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through improper input.
CVE-2024-43696 1 Openatom 1 Openharmony 2024-10-16 3.3 Low
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS by memory leak.
CVE-2024-39831 1 Openatom 1 Openharmony 2024-10-16 4.4 Medium
in OpenHarmony v4.1.0 allow a local attacker with high privileges arbitrary code execution in pre-installed apps through use after free.
CVE-2024-39806 1 Openatom 1 Openharmony 2024-10-16 5.5 Medium
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
CVE-2022-36423 2 Openatom, Openharmony 2 Openharmony, Openharmony 2024-09-17 7.4 High
OpenHarmony-v3.1.2 and prior versions have an incorrect configuration of the cJSON library, which leads a Stack overflow vulnerability during recursive parsing. LAN attackers can lead a DoS attack to all network devices.
CVE-2022-41686 2 Openatom, Openharmony 2 Openharmony, Openharmony 2024-09-17 5.1 Medium
OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The processes with system user UID run on the device would be able to write out-of-bound memory which could lead to unspecified memory corruption.
CVE-2022-38701 2 Openatom, Openharmony 2 Openharmony, Openharmony 2024-09-16 6.2 Medium
OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information.
CVE-2023-49142 1 Openatom 1 Openharmony 2024-09-09 4 Medium
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia audio crash through modify a released pointer.
CVE-2023-25947 1 Openatom 1 Openharmony 2024-09-09 6.2 Medium
The bundle management subsystem within OpenHarmony-v3.1.4 and prior versions has a null pointer reference vulnerability which local attackers can exploit this vulnerability to cause a DoS attack to the system when installing a malicious HAP package.
CVE-2023-47217 1 Openatom 1 Openharmony 2024-09-09 4 Medium
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through buffer overflow.
CVE-2024-0285 1 Openatom 1 Openharmony 2024-09-09 4.7 Medium
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through improper input.
CVE-2024-21845 1 Openatom 1 Openharmony 2024-09-09 2.9 Low
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through integer overflow.
CVE-2024-21851 1 Openatom 1 Openharmony 2024-09-09 2.9 Low
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through integer overflow.
CVE-2023-42774 1 Openatom 1 Openharmony 2024-09-09 6.2 Medium
in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information through incorrect default permissions.