Latest openharmony openharmony Vulnerabilities

Dsoftbus has an improper input validation vulnerability
Openharmony Openharmony>=3.2.0<=3.2.4
Openharmony Openharmony=4.0
Dsoftbus has an integer overflow vulnerability
Openharmony Openharmony>=3.2.0<=3.2.4
Openharmony Openharmony=4.0
Dsoftbus has an improper input validation vulnerability
Openharmony Openharmony>=3.2.0<=3.2.4
Openharmony Openharmony=4.0
Dsoftbus has an out-of-bounds write vulnerability
Openharmony Openharmony>=3.2.0<=3.2.4
Dsoftbus has a use after free vulnerability
Openharmony Openharmony>=3.2.0<=3.2.4
Openharmony Openharmony=4.0
Dsoftbus has an integer overflow vulnerability
Openharmony Openharmony>=3.2.0<=3.2.4
Openharmony Openharmony=4.0
Dsoftbus has an out-of-bounds read vulnerability
Openharmony Openharmony>=3.2.0<=3.2.4
Dsoftbus has an out-of-bounds read vulnerability
Openharmony Openharmony<=3.2.4
multimedia audio has a UAF vulnerability
Openharmony Openharmony<=3.2.2
multimedia player has a UAF vulnerability
Openharmony Openharmony<=3.2.2
multimedia player has a UAF vulnerability
Openharmony Openharmony<=3.2.2
multimedia camera has a UAF vulnerability
Openharmony Openharmony<=3.2.2
Liteos-A has a missing release of resource vulnerability
Openharmony Openharmony<=3.2.2
Arkruntime has a buffer overflow vulnerability
Openharmony Openharmony<=3.2.2
Cert manager has a use of uninitialized resource vulnerability
Openharmony Openharmony<=3.2.2
Liteos-A has a incorrect default permissions vulnerability
Openharmony Openharmony<=3.2.2
Arkruntime has a type confusion vulnerability
Openharmony Openharmony<=3.2.2
Arkruntime has a type confusion vulnerability
Openharmony Openharmony<=3.2.2
Hiview has an improper preservation of permissions vulnerability
Openharmony Openharmony<=3.2.2
Liteos-A has a incorrect default permissions vulnerability
Openharmony Openharmony<=3.2.2
OpenHarmony v3.2.1 and prior version has a system call function usage error
<=3.2.1
Openharmony Openharmony<=3.2.1
Communication Wi-Fi subsystem within OpenHarmony-v3.1.4 and prior versions, OpenHarmony-v3.0.7 and prior versions has a null pointer reference vulnerability which local attackers can exploit this vuln...
Openharmony Openharmony>=3.0<=3.0.7
Openharmony Openharmony>=3.1<=3.1.4
The kernel subsystem function check_permission_for_set_tokenid within OpenHarmony-v3.1.5 and prior versions has an UAF vulnerability which local attackers can exploit this vulnerability to escalate th...
Openharmony Openharmony>=3.1<=3.1.5
The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior versions has an arbitrary memory accessing vulnerability which network attackers can launch a remote attack to obtain kernel memory data ...
Openharmony Openharmony>=3.1<=3.1.5
The bundle management subsystem within OpenHarmony-v3.1.4 and prior versions has a null pointer reference vulnerability which local attackers can exploit this vulnerability to cause a DoS attack to th...
Openharmony Openharmony>=3.1<=3.1.4
The ArKUI framework subsystem within OpenHarmony-v3.1.5 and prior versions, OpenHarmony-v3.0.7 and prior versions has an Improper Input Validation vulnerability which local attackers can exploit this ...
Openharmony Openharmony>=3.0<=3.0.7
Openharmony Openharmony>=3.1<=3.1.5
Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysTimerGettime. 4 bytes padding data from kernel stack are copied ...
Openharmony Openharmony>=1.1.0<=1.1.5
Openharmony Openharmony>=3.0<=3.0.6
Openharmony Openharmony>=3.1.0<=3.1.4
platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentica...
Openharmony Openharmony>=3.0<=3.0.5
softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass auth...
Openharmony Openharmony>=3.0<=3.0.5
Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGettime. 4 bytes padding data from kernel stack are copied ...
Openharmony Openharmony>=1.1.0<=1.1.5
Openharmony Openharmony>=3.0<=3.0.6
Openharmony Openharmony>=3.1.0<=3.1.4
OpenHarmony-v3.1.4 and prior versions had an vulnerability. PIN code is transmitted to the peer device in plain text during cross-device authentication, which reduces the difficulty of man-in-the-midd...
Openharmony Openharmony>=3.1<=3.1.4
The appspawn and nwebspawn services within OpenHarmony-v3.1.2 and prior versions were found to be vulnerable to buffer overflow vulnerability due to insufficient input validation. An unprivileged mali...
Openharmony Openharmony>=3.0<=3.0.6
Openharmony Openharmony>=3.1<=3.1.2
OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication subsystem sends public events with personal data, but the permission is not set. Malicious apps could listen t...
Openharmony Openharmony>=3.1<=3.1.4
OpenHarmony-v3.1.2 and prior versions had a DOS vulnerability in distributedhardware_device_manager when joining a network. Network attakcers can send an abonormal packet when joining a network, cause...
Openharmony Openharmony>=3.1<=3.1.2
OpenHarmony-v3.1.2 and prior versions had an Multiple path traversal vulnerability in appspawn and nwebspawn services. Local attackers can create arbitrary directories or escape application sandbox.If...
Openharmony Openharmony>=3.1<=3.1.2
OpenHarmony-v3.1.2 and prior versions had an Arbitrary file read vulnerability via download_server. Local attackers can install an malicious application on the device and reveal any file from the file...
Openharmony Openharmony>=3.1<=3.1.2
OpenHarmony-v3.1.2 and prior versions have a Missing permission validation vulnerability in param service of startup subsystem. An malicious application installed on the device could elevate its privi...
Openharmony Openharmony>=3.1<3.1.2
Openharmony Openharmony>=3.0<=3.0.6
Openharmony Openharmony>=3.1<=3.1.2
OpenHarmony-v3.1.2 and prior versions have an authenication bypass vulnerability in a callback handler function of Softbus_server in communication subsystem. Attackers can launch attacks on distribute...
Openharmony Openharmony>=3.1<=3.1.2
OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmz_userdev device driver. The impact depends on the privileges of the ...
Openharmony Openharmony>=3.0<=3.0.6
Openharmony Openharmony>=3.1<=3.1.2
OpenHarmony-v3.1.1 and prior versions have a permission bypass vulnerability. LAN attackers can bypass permission control and get control of camera service.
Openharmony Openharmony=3.1.1
OpenHarmony-v3.1.2 and prior versions have a permission bypass vulnerability. LAN attackers can bypass the distributed permission control.To take advantage of this weakness, attackers need another vul...
Openharmony Openharmony>=3.1<=3.1.2
OpenHarmony-v3.1.2 and prior versions have a permission bypass vulnerability. Local attackers can bypass permission control and get sensitive information.
Openharmony Openharmony>=3.1<=3.1.2
OpenHarmony-v3.1.2 and prior versions have an incorrect configuration of the cJSON library, which leads a Stack overflow vulnerability during recursive parsing. LAN attackers can lead a DoS attack to ...
Openharmony Openharmony>=1.1.0<=1.1.5
Openharmony Openharmony>=3.0<=3.0.5
Openharmony Openharmony>=3.1<=3.1.2

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203