Vulnerabilidades en OpenHarmony
177 resultadosCVE-2023-46100MEDIUMCert manager has a use of uninitialized resource vulnerabilityEPSS 0.2%CVE-2022-44455MEDIUMThe appspawn and nwebspawn services were found to be vulnerable to buffer overflow vulnerability due to insufficient input validation.EPSS 0.2%CVE-2024-38386HIGHArkcompiler Ets Runtime has an out-of-bounds write vulnerabilityEPSS 0.2%CVE-2024-3759MEDIUMHmdfs has a use after free vulnerabilityEPSS 0.2%CVE-2024-21826MEDIUMHuks has an insecure storage of sensitive information vulnerabilityEPSS 0.2%CVE-2024-3758MEDIUMHmdfs has a heap buffer overflow vulnerabilityEPSS 0.2%CVE-2023-47217MEDIUMArkruntime has a buffer overflow vulnerabilityEPSS 0.2%CVE-2024-27217MEDIUMMSDP has a use after free vulnerabilityEPSS 0.2%CVE-2024-3757LOWArkcompiler runtime has an integer overflow vulnerabilityEPSS 0.2%CVE-2023-43612HIGHHiview has an improper preservation of permissions vulnerabilityEPSS 0.2%CVE-2024-23808MEDIUMArkcompiler ets frontend has an out-of-bounds read vulnerabilityEPSS 0.2%CVE-2024-41157HIGHLiteos-A has an use after free vulnerabilityEPSS 0.2%CVE-2023-42774MEDIUMLiteos-A has a incorrect default permissions vulnerabilityEPSS 0.2%CVE-2024-22098MEDIUMAVSession has a use after free vulnerabilityEPSS 0.2%CVE-2022-38701MEDIUMIPC in communication subsystem has a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information.EPSS 0.2%CVE-2022-43451HIGHMultiple path traversal in appspawn and nwebspawn services.EPSS 0.2%CVE-2022-42464MEDIUMKernel memory pool override in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel pointer, which could be used in furth ...EPSS 0.2%CVE-2023-3116HIGHLiteos-A has a incorrect default permissions vulnerabilityEPSS 0.2%CVE-2023-0036MEDIUMplatform_callback_stub in misc subsystem has an authentication bypass vulnerability which allows an "SA relay attack".EPSS 0.2%CVE-2023-0035MEDIUMsoftbus_client_stub in communication subsystem has an authentication bypass vulnerability which allows an "SA relay attack".EPSS 0.2%