) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:openharmony:openharmony:1.0:*:*:*:-:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2023-43756 |
in OpenHarmony v3.2.4 and prior versions allow a local attacker causes information leak through out-of-bounds Read. Published: February 02, 2024; 2:15:08 AM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-49142 |
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia audio crash through modify a released pointer. Published: January 02, 2024; 3:15:10 AM -0500 |
V4.0:(not available) V3.1: 3.3 LOW V2.0:(not available) |
| CVE-2023-49135 |
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia player crash through modify a released pointer. Published: January 02, 2024; 3:15:09 AM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-48360 |
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia player crash through modify a released pointer. Published: January 02, 2024; 3:15:09 AM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-47857 |
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia camera crash through modify a released pointer. Published: January 02, 2024; 3:15:09 AM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-47216 |
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through occupy all resources Published: January 02, 2024; 3:15:09 AM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-6045 |
in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through type confusion. Published: November 20, 2023; 7:15:09 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-47217 |
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through buffer overflow. Published: November 20, 2023; 7:15:08 AM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-46705 |
in OpenHarmony v3.2.2 and prior versions allow a local attacker causes system information leak through type confusion. Published: November 20, 2023; 7:15:08 AM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-46100 |
in OpenHarmony v3.2.2 and prior versions allow a local attacker get sensitive buffer information through use of uninitialized resource. Published: November 20, 2023; 7:15:08 AM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-43612 |
in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary file read and write through improper preservation of permissions. Published: November 20, 2023; 7:15:08 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-42774 |
in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information through incorrect default permissions. Published: November 20, 2023; 7:15:08 AM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-3116 |
in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information or rewrite sensitive file through incorrect default permissions. Published: November 20, 2023; 7:15:07 AM -0500 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0:(not available) |
| CVE-2023-4753 |
OpenHarmony v3.2.1 and prior version has a system call function usage error. Local attackers can crash kernel by the error input. Published: September 21, 2023; 6:15:09 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |