Vulnerabilities > Openatom > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-02 | CVE-2024-36243 | Out-of-bounds Write vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds read and write. | 9.8 |
| 2024-07-02 | CVE-2024-36260 | Out-of-bounds Write vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write. | 9.8 |
| 2024-07-02 | CVE-2024-37030 | Use After Free vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through use after free. | 9.8 |
| 2024-07-02 | CVE-2024-37077 | Out-of-bounds Write vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write. | 9.8 |
| 2024-07-02 | CVE-2024-37185 | Out-of-bounds Write vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write. | 9.8 |
| 2022-12-19 | CVE-2021-33640 | Use After Free vulnerability in multiple products After tar_close(), libtar.c releases the memory pointed to by pointer t. | 9.8 |
| 2022-08-10 | CVE-2021-33643 | Out-of-bounds Read vulnerability in multiple products An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read. | 9.1 |