Page 8 of 37 results (0.003 seconds)

CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0

OpenHarmony-v3.1.2 and prior versions have a permission bypass vulnerability. Local attackers can bypass permission control and get sensitive information. OpenHarmony versiones v3.1.2 y anteriores, presentan una vulnerabilidad de omisión de permisos. Los atacantes locales pueden omitir el control de permisos y conseguir información confidencial • https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-09.md • CWE-287: Improper Authentication CWE-305: Authentication Bypass by Primary Weakness •

CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0

OpenHarmony-v3.1.2 and prior versions have an incorrect configuration of the cJSON library, which leads a Stack overflow vulnerability during recursive parsing. LAN attackers can lead a DoS attack to all network devices. OpenHarmony versiones v3.1.2 y anteriores, presentan una configuración incorrecta de la biblioteca cJSON, que conlleva a una vulnerabilidad de desbordamiento de pila durante el análisis recursivo. Los atacantes de la LAN pueden conllevar a un ataque DoS a todos los dispositivos de la red • https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-09.md • CWE-16: Configuration CWE-787: Out-of-bounds Write •