Vulnerabilities > Openharmony

DATE CVE VULNERABILITY TITLE RISK
2022-10-14 CVE-2022-42463 Improper Authentication vulnerability in Openharmony 3.1/3.1.1/3.1.2
OpenHarmony-v3.1.2 and prior versions have an authenication bypass vulnerability in a callback handler function of Softbus_server in communication subsystem.
low complexity
openharmony CWE-287
8.8
2022-10-14 CVE-2022-42464 Incorrect Default Permissions vulnerability in Openharmony
OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have a Kernel memory pool override vulnerability in /dev/mmz_userdev device driver.
local
low complexity
openharmony CWE-276
7.8
2022-10-14 CVE-2022-42488 Missing Authorization vulnerability in Openharmony 3.1/3.1.1/3.1.2
OpenHarmony-v3.1.2 and prior versions have a Missing permission validation vulnerability in param service of startup subsystem.
local
low complexity
openharmony CWE-862
7.8
2022-09-09 CVE-2022-36423 Out-of-bounds Write vulnerability in multiple products
OpenHarmony-v3.1.2 and prior versions have an incorrect configuration of the cJSON library, which leads a Stack overflow vulnerability during recursive parsing.
low complexity
openharmony openatom CWE-787
7.4
2022-09-09 CVE-2022-38064 Improper Authentication vulnerability in Openharmony 3.1/3.1.1/3.1.2
OpenHarmony-v3.1.2 and prior versions have a permission bypass vulnerability.
local
low complexity
openharmony CWE-287
5.5
2022-09-09 CVE-2022-38081 Improper Authentication vulnerability in Openharmony 3.1/3.1.1/3.1.2
OpenHarmony-v3.1.2 and prior versions have a permission bypass vulnerability.
local
low complexity
openharmony CWE-287
5.5
2022-09-09 CVE-2022-38700 Improper Authentication vulnerability in Openharmony 3.1.1
OpenHarmony-v3.1.1 and prior versions have a permission bypass vulnerability.
low complexity
openharmony CWE-287
8.8
2022-09-09 CVE-2022-38701 Out-of-bounds Write vulnerability in multiple products
OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability.
local
low complexity
openharmony openatom CWE-787
3.3