Aggregates CVE and security vulnerability intelligence across all OpenAtom Foundation-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk memory corruption, vendor risk buffer overflow, and vendor risk input validation and related problems; some flaws may lead to vendor impact application crash.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-20091 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios. | [email protected] | 3.8 | 0.16% | 2025-03-03 | 2026-06-17 |
| CVE-2025-20081 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios. | [email protected] | 3.8 | 0.06% | 2025-03-03 | 2026-06-17 |
| CVE-2025-20042 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through out-of-bounds read. | [email protected] | 5.5 | 0.08% | 2025-03-03 | 2026-06-17 |
| CVE-2025-20024 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios. | [email protected] | 3.8 | 0.07% | 2025-03-03 | 2026-06-17 |
| CVE-2025-20021 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | [email protected] | 3.3 | 0.06% | 2025-03-03 | 2026-06-17 |
| CVE-2025-20011 | in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory. | [email protected] | 3.3 | 0.06% | 2025-03-03 | 2026-06-17 |
| CVE-2025-0587 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios. | [email protected] | 3.8 | 0.17% | 2025-03-03 | 2026-06-17 |
| CVE-2025-0304 | in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free. | [email protected] | 8.8 | 0.16% | 2025-02-07 | 2026-06-17 |
| CVE-2025-0303 | in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through buffer overflow. | [email protected] | 8.8 | 0.16% | 2025-02-07 | 2026-06-17 |
| CVE-2025-0302 | in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through integer overflow. | [email protected] | 5.5 | 0.08% | 2025-02-07 | 2026-06-17 |
| CVE-2024-54030 | in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through use after free. | [email protected] | 4.4 | 0.18% | 2025-01-07 | 2026-06-17 |
| CVE-2024-47398 | in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the device is unable to boot up through out-of-bounds write. | [email protected] | 8.8 | 0.18% | 2025-01-07 | 2026-06-17 |
| CVE-2024-45070 | in OpenHarmony v4.1.2 and prior versions allow a local attacker cause information leak through out-of-bounds Read. | [email protected] | 5.5 | 0.11% | 2025-01-07 | 2026-06-17 |
| CVE-2024-9978 | in OpenHarmony v4.1.1 and prior versions allow a local attacker cause information leak through out-of-bounds Read. | [email protected] | 5.5 | 0.15% | 2024-12-03 | 2026-06-17 |
| CVE-2024-12082 | in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. | [email protected] | 5.5 | 0.15% | 2024-12-03 | 2026-06-17 |
| CVE-2024-10074 | in OpenHarmony v4.1.1 and prior versions allow a local attacker cause the common permission is upgraded to root through use after free. | [email protected] | 8.8 | 0.19% | 2024-12-03 | 2026-06-17 |
| CVE-2024-47797 | in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write. | [email protected] | 8.4 | 0.17% | 2024-11-05 | 2026-06-17 |
| CVE-2024-47404 | in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through double free. | [email protected] | 8.4 | 0.17% | 2024-11-05 | 2026-06-17 |
| CVE-2024-47402 | in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through out-of-bounds read. | [email protected] | 3.3 | 0.15% | 2024-11-05 | 2026-06-17 |
| CVE-2024-47137 | in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write. | [email protected] | 8.4 | 0.17% | 2024-11-05 | 2026-06-17 |