Vulnerabilities (CVE)

Filtered by vendor Openatom Subscribe
Total 60 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-49135 1 Openatom 1 Openharmony 2024-09-09 N/A 5.5 MEDIUM
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia player crash through modify a released pointer.
CVE-2024-21851 1 Openatom 1 Openharmony 2024-09-09 N/A 7.8 HIGH
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through integer overflow.
CVE-2023-3116 1 Openatom 1 Openharmony 2024-09-09 N/A 7.1 HIGH
in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information or rewrite sensitive file through incorrect default permissions.
CVE-2023-47216 1 Openatom 1 Openharmony 2024-09-09 N/A 5.5 MEDIUM
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through occupy all resources
CVE-2023-4753 1 Openatom 1 Openharmony 2024-09-09 N/A 5.5 MEDIUM
OpenHarmony v3.2.1 and prior version has a system call function usage error. Local attackers can crash kernel by the error input.
CVE-2023-43612 1 Openatom 1 Openharmony 2024-09-09 N/A 7.8 HIGH
in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary file read and write through improper preservation of permissions.
CVE-2023-0036 1 Openatom 1 Openharmony 2024-09-09 N/A 7.8 HIGH
platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.
CVE-2023-49142 1 Openatom 1 Openharmony 2024-09-09 N/A 3.3 LOW
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia audio crash through modify a released pointer.
CVE-2024-0285 1 Openatom 1 Openharmony 2024-09-09 N/A 5.5 MEDIUM
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through improper input.
CVE-2022-36423 2 Openatom, Openharmony 2 Openharmony, Openharmony 2024-09-09 N/A 7.4 HIGH
OpenHarmony-v3.1.2 and prior versions have an incorrect configuration of the cJSON library, which leads a Stack overflow vulnerability during recursive parsing. LAN attackers can lead a DoS attack to all network devices.
CVE-2024-31071 1 Openatom 1 Openharmony 2024-09-09 N/A 3.3 LOW
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion.
CVE-2024-36278 1 Openatom 1 Openharmony 2024-09-09 N/A 3.3 LOW
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion.
CVE-2024-28044 1 Openatom 1 Openharmony 2024-09-04 N/A 5.5 MEDIUM
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause crash through integer overflow.
CVE-2024-38382 1 Openatom 1 Openharmony 2024-09-04 N/A 5.5 MEDIUM
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
CVE-2024-38386 1 Openatom 1 Openharmony 2024-09-04 N/A 7.8 HIGH
in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write.
CVE-2024-39612 1 Openatom 1 Openharmony 2024-09-04 N/A 5.5 MEDIUM
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
CVE-2024-39775 1 Openatom 1 Openharmony 2024-09-04 N/A 7.5 HIGH
in OpenHarmony v4.1.0 and prior versions allow a remote attacker cause information leak through out-of-bounds Read.
CVE-2024-39816 1 Openatom 1 Openharmony 2024-09-04 N/A 7.8 HIGH
in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write.
CVE-2024-41157 1 Openatom 1 Openharmony 2024-09-04 N/A 7.8 HIGH
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free.
CVE-2021-33639 1 Openatom 1 Openeuler Kernel 2024-02-04 N/A 7.5 HIGH
REMAP cmd of SVM driver can be used to remap read only memory as read-write, then cause read only memory/file modified.