Vulnerabilidades en OpenHarmony
177 resultadosCVE-2023-0035MEDIUMsoftbus_client_stub in communication subsystem has an authentication bypass vulnerability which allows an "SA relay attack".EPSS 0.2%CVE-2022-41802MEDIUMKernel subsystem in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGetres.EPSS 0.2%CVE-2024-29074MEDIUMTelephony has an improper input validation vulnerabilityEPSS 0.2%CVE-2024-24581MEDIUMArkcompiler runtime has an out-of-bounds write vulnerabilityEPSS 0.2%CVE-2024-28951MEDIUMArkcompiler runtime has a use after free vulnerabilityEPSS 0.2%CVE-2022-43662MEDIUMKernel subsystem in kernel_liteos_a has a kernel stack overflow vulnerability when call SysTimerGettime.EPSS 0.2%CVE-2022-45126MEDIUMKernel subsystem in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGettime.EPSS 0.2%CVE-2023-22436HIGHThe kernel subsystem function check_permission_for_set_tokenid has an UAF vulnerability.EPSS 0.2%CVE-2024-21845LOWDsoftbus has an integer overflow vulnerabilityEPSS 0.2%CVE-2024-21863MEDIUMDsoftbus has an improper input validation vulnerabilityEPSS 0.2%CVE-2024-54030MEDIUMCommunication_dsoftbus has an UAF vulnerabilityEPSS 0.2%CVE-2022-38064MEDIUMwindowmanager in window subsystem has a permission bypass vulnerability. Local attackers can bypass permission control and get sensitive information.EPSS 0.2%CVE-2022-45118MEDIUMTelephony in communication subsystem sends public events with personal data, but the permission is not set.EPSS 0.2%CVE-2022-42488HIGHStartup subsystem missed permission validation in param service. An malicious application installed on the device could elevate its privileges to the root user, disable security features, or cause DoS by disabling particular services.EPSS 0.2%CVE-2024-39816HIGHArkcompiler Ets Runtime has an out-of-bounds write vulnerabilityEPSS 0.2%CVE-2022-43449MEDIUMArbitrary file read via download_server.EPSS 0.2%CVE-2023-46708MEDIUMWlan has a use after free vulnerabilityEPSS 0.2%CVE-2025-0587LOWArkcompiler Ets Runtime has an integer overflow vulnerabilityEPSS 0.2%CVE-2025-41432MEDIUMarkcompiler_ets_runtime has an out-of-bounds write vulnerabilityEPSS 0.2%CVE-2024-0285MEDIUMDsoftbus has an improper input validation vulnerabilityEPSS 0.2%