Vulnerability List
Found 167 results
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At |
| --- | --- | --- | --- | --- | --- | --- |
| CVE-2023-3116 | Liteos-A has an incorrect default permissions vulnerability | OpenHarmony | OpenHarmony | High | 7.3 | 2023-11-20 11:44:26 |
| CVE-2023-4753 | OpenHarmony v3.2.1 and prior version has a system call function usage error | OpenHarmony | OpenHarmony | Low | 3.9 | 2023-09-21 09:16:57 |
| CVE-2023-25947 | The bundle management subsystem has an improper input validation when installing a HAP package. | OpenHarmony | OpenHarmony | Medium | 6.2 | 2023-03-10 10:45:31 |
| CVE-2023-24465 | Communication Wi-Fi subsystem has a null pointer reference vulnerability when receiving external data. | OpenHarmony | OpenHarmony | Medium | 5.5 | 2023-03-10 10:45:13 |
| CVE-2023-22436 | The kernel subsystem function check_permission_for_set_tokenid has an UAF vulnerability. | OpenHarmony | OpenHarmony | High | 7.8 | 2023-03-10 10:44:55 |
| CVE-2023-22301 | The kernel subsystem hmdfs has an arbitrary memory accessing vulnerability. | OpenHarmony | OpenHarmony | Medium | 6.5 | 2023-03-10 10:44:38 |
| CVE-2023-0083 | The ArkUI framework subsystem doesn't check the input parameter, causing type confusion and invalid memory access. | OpenHarmony | OpenHarmony | Medium | 4.0 | 2023-03-10 10:44:23 |
| CVE-2023-0036 | platform_callback_stub in misc subsystem has an authentication bypass vulnerability which allows an "SA relay attack". | OpenHarmony | OpenHarmony | Medium | 6.5 | 2023-01-09 02:24:08 |
| CVE-2023-0035 | softbus_client_stub in communication subsystem has an authentication bypass vulnerability which allows an "SA relay attack". | OpenHarmony | OpenHarmony | Medium | 6.5 | 2023-01-09 02:23:55 |
| CVE-2022-43662 | Kernel subsystem in kernel_liteos_a has a kernel stack overflow vulnerability when calling SysTimerGettime. | OpenHarmony | OpenHarmony | Medium | 4.0 | 2023-01-09 02:23:03 |
| CVE-2022-45126 | Kernel subsystem in kernel_liteos_a has a kernel stack overflow vulnerability when calling SysClockGettime. | OpenHarmony | OpenHarmony | Medium | 4.0 | 2023-01-09 02:22:23 |
| CVE-2022-41802 | Kernel subsystem in kernel_liteos_a has a kernel stack overflow vulnerability when calling SysClockGetres. | OpenHarmony | OpenHarmony | Medium | 4.0 | 2022-12-08 00:00:00 |
| CVE-2022-44455 | The appspawn and nwebspawn services were found to be vulnerable to buffer overflow vulnerability due to insufficient input validation. | OpenHarmony | OpenHarmony | Medium | 6.8 | 2022-12-08 00:00:00 |
| CVE-2022-45118 | Telephony in communication subsystem sends public events with personal data, but the permission is not set. | OpenHarmony | OpenHarmony | Medium | 6.2 | 2022-12-08 00:00:00 |
| CVE-2022-45877 | PIN code is transmitted to the peer device in plain text during cross-device authentication, which reduces the difficulty of man-in-the-middle attacks. | OpenHarmony | OpenHarmony | High | 8.3 | 2022-12-08 00:00:00 |
| CVE-2022-43495 | An abnormal packet received when distributedhardware_device_manager joining a network could cause a device reboot. | OpenHarmony | OpenHarmony | Medium | 6.5 | 2022-11-03 19:15:16 |
| CVE-2022-43449 | Arbitrary file read via download_server. | OpenHarmony | OpenHarmony | Medium | 6.2 | 2022-11-03 19:15:14 |
| CVE-2022-43451 | Multiple path traversal in appspawn and nwebspawn services. | OpenHarmony | OpenHarmony | High | 8.4 | 2022-11-03 19:15:11 |
| CVE-2022-42464 | Kernel memory pool override in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel pointer, which could be used in furth ... | OpenHarmony | OpenHarmony | Medium | 6.7 | 2022-10-14 14:40:12 |
| CVE-2022-42463 | Softbus_server in communication subsystem has an authentication bypass vulnerability in a callback handler function. Attackers can launch attacks on distributed networks by sending Bluetooth rfcomm packets to any remote device and executing arbitrary co ... | OpenHarmony | OpenHarmony | High | 8.3 | 2022-10-14 14:40:09 |