Vulnerabilities > Openatom > Openharmony > High

DATE CVE VULNERABILITY TITLE RISK
2024-09-02 CVE-2024-41160 Use After Free vulnerability in Openatom Openharmony
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free.
local
low complexity
openatom CWE-416
7.8
7.8
2024-05-07 CVE-2024-23808 NULL Pointer Dereference vulnerability in Openatom Openharmony
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free or cause DOS through NULL pointer dereference.
local
low complexity
openatom CWE-476
7.8
7.8
2024-05-07 CVE-2024-27217 Use After Free vulnerability in Openatom Openharmony
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free.
local
low complexity
openatom CWE-416
7.8
7.8
2024-05-07 CVE-2024-3758 Out-of-bounds Write vulnerability in Openatom Openharmony
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer overflow.
local
low complexity
openatom CWE-787
7.8
7.8
2024-05-07 CVE-2024-3759 Use After Free vulnerability in Openatom Openharmony
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through use after free.
local
low complexity
openatom CWE-416
7.8
7.8
2024-04-02 CVE-2024-22092 Authentication Bypass by Spoofing vulnerability in Openatom Openharmony
in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification to install apps, although these require user action.
network
low complexity
openatom CWE-290
7.4
7.4
2024-04-02 CVE-2024-22098 Use After Free vulnerability in Openatom Openharmony
in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free.
local
low complexity
openatom CWE-416
8.8
8.8
2024-04-02 CVE-2024-24581 Out-of-bounds Write vulnerability in Openatom Openharmony
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution through out-of-bounds write.
local
low complexity
openatom CWE-787
7.8
7.8
2024-04-02 CVE-2024-28226 Unspecified vulnerability in Openatom Openharmony
in OpenHarmony v4.0.0 and prior versions allow a remote attacker cause DOS through improper input.
network
low complexity
openatom
7.5
7.5
2024-04-02 CVE-2024-28951 Use After Free vulnerability in Openatom Openharmony 4.0
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free.
local
low complexity
openatom CWE-416
7.8
7.8