Vulnerabilities > Openharmony

DATE CVE VULNERABILITY TITLE RISK
2023-01-09 CVE-2022-43662 Out-of-bounds Write vulnerability in multiple products
Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysTimerGettime.
local
low complexity
openharmony openatom CWE-787
7.8
2023-01-09 CVE-2022-45126 Out-of-bounds Write vulnerability in multiple products
Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGettime.
local
low complexity
openharmony openatom CWE-787
7.8
2022-12-08 CVE-2022-41802 Out-of-bounds Write vulnerability in multiple products
Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGetres.
local
low complexity
openharmony openatom CWE-787
3.3
2022-12-08 CVE-2022-44455 Classic Buffer Overflow vulnerability in multiple products
The appspawn and nwebspawn services within OpenHarmony-v3.1.2 and prior versions were found to be vulnerable to buffer overflow vulnerability due to insufficient input validation.
local
low complexity
openharmony openatom CWE-120
7.8
2022-12-08 CVE-2022-45118 Incorrect Default Permissions vulnerability in Openharmony
OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication subsystem sends public events with personal data, but the permission is not set.
local
low complexity
openharmony CWE-276
5.5
2022-12-08 CVE-2022-45877 Cleartext Transmission of Sensitive Information vulnerability in Openharmony
OpenHarmony-v3.1.4 and prior versions had an vulnerability.
high complexity
openharmony CWE-319
5.3
2022-11-03 CVE-2022-43449 Files or Directories Accessible to External Parties vulnerability in Openharmony 3.1/3.1.1/3.1.2
OpenHarmony-v3.1.2 and prior versions had an Arbitrary file read vulnerability via download_server.
local
low complexity
openharmony CWE-552
5.5
2022-11-03 CVE-2022-43451 Path Traversal vulnerability in Openharmony 3.1/3.1.1/3.1.2
OpenHarmony-v3.1.2 and prior versions had an Multiple path traversal vulnerability in appspawn and nwebspawn services.
local
low complexity
openharmony CWE-22
6.5
2022-11-03 CVE-2022-43495 NULL Pointer Dereference vulnerability in Openharmony 3.1/3.1.1/3.1.2
OpenHarmony-v3.1.2 and prior versions had a DOS vulnerability in distributedhardware_device_manager when joining a network.
network
low complexity
openharmony CWE-476
7.5
2022-10-14 CVE-2022-41686 Out-of-bounds Write vulnerability in multiple products
OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmz_userdev device driver.
local
low complexity
openharmony openatom CWE-787
4.4