CVE-2024-37185 – Arkcompiler Ets Runtime has an out-of-bounds write vulnerability
https://notcve.org/view.php?id=CVE-2024-37185
in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-07.md • CWE-787: Out-of-bounds Write •
CVE-2024-36260 – Arkcompiler Ets Runtime has an out-of-bounds write vulnerability
https://notcve.org/view.php?id=CVE-2024-36260
in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-07.md • CWE-787: Out-of-bounds Write •
CVE-2024-36243 – Arkcompiler Ets Runtime has an out-of-bounds read vulnerability
https://notcve.org/view.php?id=CVE-2024-36243
in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds read and write. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-07.md • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVE-2024-37030 – Arkcompiler Ets Runtime has a use after free vulnerability
https://notcve.org/view.php?id=CVE-2024-37030
in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through use after free. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-07.md • CWE-416: Use After Free •
CVE-2023-41917 – Improper input validation in Kiloview P1/P2 devices allows for remote code execution
https://notcve.org/view.php?id=CVE-2023-41917
Attackers can exploit this vulnerability by appending shell commands to the Speed-Measurement feature, enabling unauthorized code execution. • https://advisories.ncsc.nl/advisory?id=NCSC-2024-0273 • CWE-20: Improper Input Validation •