Openatom Openharmony
156 CVEs affecting Openatom Openharmony. Latest disclosed: 2026-03-16. Critical: 0, High: 27.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-0304 | High | 8.8 | 2025-02-07 | in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use afte… |
CVE-2025-0303 | High | 8.8 | 2025-02-07 | in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through buffer o… |
CVE-2024-47398 | High | 8.8 | 2025-01-07 | in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the device is unable to boot up through out-of-bounds write. |
CVE-2024-10074 | High | 8.8 | 2024-12-03 | in OpenHarmony v4.1.1 and prior versions allow a local attacker cause the common permission is upgraded to root through use after free. |
CVE-2024-41160 | High | 8.8 | 2024-09-02 | in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use afte… |
CVE-2024-41157 | High | 8.8 | 2024-09-02 | in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use afte… |
CVE-2025-27577 | High | 8.4 | 2025-08-11 | in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition. |
CVE-2025-27128 | High | 8.4 | 2025-08-11 | in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free. |
CVE-2025-25278 | High | 8.4 | 2025-08-11 | in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition. |
CVE-2025-24298 | High | 8.4 | 2025-08-11 | in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free. |
CVE-2024-47797 | High | 8.4 | 2024-11-05 | in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-b… |
CVE-2024-47404 | High | 8.4 | 2024-11-05 | in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through double f… |
CVE-2024-47137 | High | 8.4 | 2024-11-05 | in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-b… |
CVE-2024-39816 | High | 8.4 | 2024-09-02 | in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. |
CVE-2024-38386 | High | 8.4 | 2024-09-02 | in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. |
CVE-2023-43612 | High | 8.4 | 2023-11-20 | in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary file read and write through improper preservation of permissions. |
CVE-2024-37185 | High | 8.2 | 2024-07-02 | in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write. |
CVE-2024-37077 | High | 8.2 | 2024-07-02 | in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write. |
CVE-2024-37030 | High | 8.2 | 2024-07-02 | in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through use after free. |
CVE-2024-36260 | High | 8.2 | 2024-07-02 | in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write. |