Vulnerabilities > Openatom
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-07 | CVE-2024-23808 | NULL Pointer Dereference vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free or cause DOS through NULL pointer dereference. | 7.8 |
| 2024-05-07 | CVE-2024-27217 | Use After Free vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. | 7.8 |
| 2024-05-07 | CVE-2024-31078 | NULL Pointer Dereference vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL pointer dereference. | 5.5 |
| 2024-05-07 | CVE-2024-3757 | Integer Overflow or Wraparound vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through integer overflow. | 5.5 |
| 2024-05-07 | CVE-2024-3758 | Out-of-bounds Write vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer overflow. | 7.8 |
| 2024-05-07 | CVE-2024-3759 | Use After Free vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through use after free. | 7.8 |
| 2024-04-02 | CVE-2024-21834 | Type Confusion vulnerability in Openatom Openharmony in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through type confusion. | 5.5 |
| 2024-04-02 | CVE-2024-22092 | Authentication Bypass by Spoofing vulnerability in Openatom Openharmony in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification to install apps, although these require user action. | 7.4 |
| 2024-04-02 | CVE-2024-22098 | Use After Free vulnerability in Openatom Openharmony in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free. | 8.8 |
| 2024-04-02 | CVE-2024-22177 | Improper Preservation of Permissions vulnerability in Openatom Openharmony in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through get permission. | 5.5 |