| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-41686 | Out-of-bound memory read and write in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The proc ... | OpenHarmony | OpenHarmony | Medium | 5.1 | 2022-10-14 14:40:05 | Deep Dive |
| CVE-2022-42488 | Startup subsystem missed permission validation in param service. An malicious application installed on the device could elevate its privileges to the root user, disable security features, or cause DoS by disabling particular services. | OpenHarmony | OpenHarmony | High | 8.4 | 2022-10-14 14:40:00 | Deep Dive |
| CVE-2022-38064 | windowmanager in window subsystem has a permission bypass vulnerability. Local attackers can bypass permission control and get sensitive information. | OpenHarmony | OpenHarmony | Medium | 6.2 | 2022-09-09 14:39:57 | Deep Dive |
| CVE-2022-38081 | Tokensync in security subsystem has a permission bypass vulnerability. LAN attackers can bypass the distributed permission control.To take advantage of this weakness, attackers need another vulnerability to obtain system. | OpenHarmony | OpenHarmony | Medium | 6.2 | 2022-09-09 14:39:57 | Deep Dive |
| CVE-2022-38700 | multimedia subsystem has a permission bypass vulnerability. LAN attackers can bypass permission control and get control of camera service. | OpenHarmony | OpenHarmony | High | 8.8 | 2022-09-09 14:39:57 | Deep Dive |
| CVE-2022-38701 | IPC in communication subsystem has a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information. | OpenHarmony | OpenHarmony | Medium | 6.2 | 2022-09-09 14:39:57 | Deep Dive |
| CVE-2022-36423 | Incorrect configuration of the cJSON library lead a Stack overflow vulnerability during recursive parsing. LAN attackers can lead a DoS attack to all network devices. | OpenHarmony | OpenHarmony | High | 7.4 | 2022-09-09 14:39:56 | Deep Dive |