CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-9978 – Liteos_a has an out-of-bounds read vulnerability
https://notcve.org/view.php?id=CVE-2024-9978
03 Dec 2024 — in OpenHarmony v4.1.1 and prior versions allow a local attacker cause information leak through out-of-bounds Read. en OpenHarmony v4.1.1 y versiones anteriores, se permite que un atacante local provoque fugas de información a través de lecturas fuera de los límites. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-12.md • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-12082 – Ability Runtime has an out-of-bounds read permission bypass vulnerability
https://notcve.org/view.php?id=CVE-2024-12082
03 Dec 2024 — in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. en OpenHarmony v4.0.0 y versiones anteriores se permite que un atacante local provoque fugas de información a través de lecturas fuera de los límites. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-12.md • CWE-125: Out-of-bounds Read CWE-922: Insecure Storage of Sensitive Information •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-10074 – Liteos_a has an use after free vulnerability
https://notcve.org/view.php?id=CVE-2024-10074
03 Dec 2024 — in OpenHarmony v4.1.1 and prior versions allow a local attacker cause the common permission is upgraded to root through use after free. en OpenHarmony v4.1.1 y versiones anteriores se permite que un atacante local haga que el permiso común se actualice a root mediante el uso use after free. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-12.md • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45382 – Liteos_a has an Out-of-bounds Write vulnerability
https://notcve.org/view.php?id=CVE-2024-45382
08 Oct 2024 — in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds write. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-10.md • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-43697 – Liteos_a has an Improper Input Validation vulnerability
https://notcve.org/view.php?id=CVE-2024-43697
08 Oct 2024 — in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through improper input. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-10.md • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-43696 – Liteos_a has an Memory Leak vulnerability
https://notcve.org/view.php?id=CVE-2024-43696
08 Oct 2024 — in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS by memory leak. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-10.md • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-39831 – AccessTokenManager has an use after free vulnerability
https://notcve.org/view.php?id=CVE-2024-39831
08 Oct 2024 — in OpenHarmony v4.1.0 allow a local attacker with high privileges arbitrary code execution in pre-installed apps through use after free. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-10.md • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-39806 – Liteos_a has an out-of-bounds Read vulnerability
https://notcve.org/view.php?id=CVE-2024-39806
08 Oct 2024 — in OpenHarmony v4.1.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-10.md • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-41160 – Liteos-A has an use after free vulnerability
https://notcve.org/view.php?id=CVE-2024-41160
02 Sep 2024 — in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free. en OpenHarmony v4.1.0 y versiones anteriores se permite que un atacante local haga que el permiso común se actualice a superusuario y se filtre información confidencial mediante use after free. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-41157 – Liteos-A has an use after free vulnerability
https://notcve.org/view.php?id=CVE-2024-41157
02 Sep 2024 — in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free. en OpenHarmony v4.1.0 y versiones anteriores se permite que un atacante local haga que el permiso común se actualice a superusuario y se filtre información confidencial mediante use after free. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md • CWE-416: Use After Free •