Aggregates CVE and security vulnerability intelligence across all OpenAtom Foundation-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk memory corruption, vendor risk buffer overflow, and vendor risk input validation and related problems; some flaws may lead to vendor impact application crash.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-3759 | in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through use after free. | [email protected] | 6.5 | 0.17% | 2024-05-07 | 2026-06-17 |
| CVE-2024-3758 | in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer overflow. | [email protected] | 6.5 | 0.20% | 2024-05-07 | 2026-06-17 |
| CVE-2024-3757 | in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through integer overflow. | [email protected] | 3.3 | 0.19% | 2024-05-07 | 2026-06-17 |
| CVE-2024-31078 | in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL pointer dereference. | [email protected] | 3.3 | 0.16% | 2024-05-07 | 2026-06-17 |
| CVE-2024-27217 | in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. | [email protected] | 6.5 | 0.19% | 2024-05-07 | 2026-06-17 |
| CVE-2024-23808 | in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free or cause DOS through NULL pointer dereference. | [email protected] | 5.2 | 0.19% | 2024-05-07 | 2026-06-17 |
| CVE-2024-29086 | in OpenHarmony v3.2.4 and prior versions allow a local attacker cause DOS through stack overflow. | [email protected] | 3.3 | 0.15% | 2024-04-02 | 2026-06-17 |
| CVE-2024-29074 | in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through improper input. | [email protected] | 6.5 | 0.18% | 2024-04-02 | 2026-06-17 |
| CVE-2024-28951 | in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. | [email protected] | 5.5 | 0.18% | 2024-04-02 | 2026-06-17 |
| CVE-2024-28226 | in OpenHarmony v4.0.0 and prior versions allow a remote attacker cause DOS through improper input. | [email protected] | 8.1 | 0.61% | 2024-04-02 | 2026-06-17 |
| CVE-2024-24581 | in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution through out-of-bounds write. | [email protected] | 6.5 | 0.18% | 2024-04-02 | 2026-06-17 |
| CVE-2024-22180 | in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through use after free. | [email protected] | 3.3 | 0.15% | 2024-04-02 | 2026-06-17 |
| CVE-2024-22177 | in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through get permission. | [email protected] | 3.3 | 0.06% | 2024-04-02 | 2026-06-17 |
| CVE-2024-22098 | in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free. | [email protected] | 6.5 | 0.19% | 2024-04-02 | 2026-06-17 |
| CVE-2024-22092 | in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification to install apps, although these require user action. | [email protected] | 7.7 | 0.45% | 2024-04-02 | 2026-06-17 |
| CVE-2024-21834 | in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through type confusion. | [email protected] | 3.3 | 0.15% | 2024-04-02 | 2026-06-17 |
| CVE-2024-21826 | in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak through insecure storage. | [email protected] | 4.3 | 0.20% | 2024-03-04 | 2026-06-17 |
| CVE-2024-21816 | in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through improper preservation of permissions. | [email protected] | 4.0 | 0.14% | 2024-03-04 | 2026-06-17 |
| CVE-2023-49602 | in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through type confusion. | [email protected] | 2.9 | 0.07% | 2024-03-04 | 2026-06-17 |
| CVE-2023-46708 | in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free. | [email protected] | 4.3 | 0.17% | 2024-03-04 | 2026-06-17 |