Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

OpenHarmony — Vulnerabilities & Security Advisories 167

All 167 CVE vulnerabilities found in OpenHarmony, with AI-generated Chinese analysis, references, and POCs.

Vendor: OpenHarmony

CVE IDTitleCVSSSeverityPaused
CVE-2023-25176 Pasteboard has an out-of-bounds read vulnerability CWE-125 2.9 Low2024-03-04
CVE-2024-21863 Dsoftbus has an improper input validation vulnerability CWE-20 4.7 Medium2024-02-02
CVE-2024-21851 Dsoftbus has an integer overflow vulnerability CWE-190 2.9 Low2024-02-02
CVE-2024-0285 Dsoftbus has an improper input validation vulnerability CWE-20 4.7 Medium2024-02-02
CVE-2023-45734 Dsoftbus has an out-of-bounds write vulnerability CWE-787 4.2 Medium2024-02-02
CVE-2024-21860 Dsoftbus has a use after free vulnerability CWE-416 8.2 High2024-02-02
CVE-2024-21845 Dsoftbus has an integer overflow vulnerability CWE-190 2.9 Low2024-02-02
CVE-2023-49118 Dsoftbus has an out-of-bounds read vulnerability CWE-125 2.9 Low2024-02-02
CVE-2023-43756 Dsoftbus has an out-of-bounds read vulnerability CWE-125 2.9 Low2024-02-02
CVE-2023-49142 multimedia audio has a UAF vulnerability CWE-416 4.0 Medium2024-01-02
CVE-2023-49135 multimedia player has a UAF vulnerability CWE-416 4.0 Medium2024-01-02
CVE-2023-48360 multimedia player has a UAF vulnerability CWE-416 4.0 Medium2024-01-02
CVE-2023-47857 multimedia camera has a UAF vulnerability CWE-416 4.0 Medium2024-01-02
CVE-2023-47216 Liteos-A has a missing release of resource vulnerability CWE-772 2.9 Low2024-01-02
CVE-2023-47217 Arkruntime has a buffer overflow vulnerability CWE-120 4.0 Medium2023-11-20
CVE-2023-46100 Cert manager has a use of uninitialized resource vulnerability CWE-908 6.2 Medium2023-11-20
CVE-2023-42774 Liteos-A has a incorrect default permissions vulnerability CWE-276 6.2 Medium2023-11-20
CVE-2023-6045 Arkruntime has a type confusion vulnerability CWE-843 5.9 Medium2023-11-20
CVE-2023-46705 Arkruntime has a type confusion vulnerability CWE-843 6.2 Medium2023-11-20
CVE-2023-43612 Hiview has an improper preservation of permissions vulnerability CWE-281 8.4 High2023-11-20
CVE-2023-3116 Liteos-A has a incorrect default permissions vulnerability CWE-276 7.3 High2023-11-20
CVE-2023-4753 OpenHarmony v3.2.1 and prior version has a system call function usage error CWE-20 3.9 Low2023-09-21
CVE-2023-25947 The bundle management subsystem has a improper input validation when installing a HAP package. CWE-20 6.2 Medium2023-03-10
CVE-2023-24465 Communication Wi-Fi  subsystem has a null pointer reference vulnerability when receving external data. CWE-20 5.5 Medium2023-03-10
CVE-2023-22436 The kernel subsystem function check_permission_for_set_tokenid has an UAF vulnerability. CWE-190 7.8 High2023-03-10
CVE-2023-22301 The kernel subsystem hmdfs has a arbitrary memory accessing vulnerability. CWE-20 6.5 Medium2023-03-10
CVE-2023-0083 The ArkUI framework subsystem doesn't check the input parameter,causing type confusion and invalid memory access. CWE-843 4.0 Medium2023-03-10
CVE-2023-0036 platform_callback_stub in misc subsystem has an authentication bypass vulnerability which allows an "SA relay attack". CWE-287 6.5 Medium2023-01-09
CVE-2023-0035 softbus_client_stub in communication subsystem has an authentication bypass vulnerability which allows an "SA relay attack". CWE-287 6.5 Medium2023-01-09
CVE-2022-43662 Kernel subsystem in kernel_liteos_a has a kernel stack overflow vulnerability when call SysTimerGettime. CWE-120 4.0 Medium2023-01-09

All 167 known CVE vulnerabilities affecting OpenHarmony with full Chinese analysis, references, and POCs where available.