Show filters
440 Total Results
Displaying 221-230 of 440
Sort by:
Attacker Value
Unknown
CVE-2022-38181
Disclosure Date: October 25, 2022 (last updated February 24, 2025)
The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0.
0
Attacker Value
Unknown
CVE-2022-37602
Disclosure Date: October 14, 2022 (last updated February 24, 2025)
Prototype pollution vulnerability in karma-runner grunt-karma 4.0.1 via the key variable in grunt-karma.js.
0
Attacker Value
Unknown
CVE-2022-42488
Disclosure Date: October 11, 2022 (last updated February 24, 2025)
OpenHarmony-v3.1.2 and prior versions have a Missing permission validation vulnerability in param service of startup subsystem. An malicious application installed on the device could elevate its privileges to the root user, disable security features, or cause DoS by disabling particular services.
0
Attacker Value
Unknown
CVE-2022-42463
Disclosure Date: October 11, 2022 (last updated February 24, 2025)
OpenHarmony-v3.1.2 and prior versions have an authenication bypass vulnerability in a callback handler function of Softbus_server in communication subsystem. Attackers can launch attacks on distributed networks by sending Bluetooth rfcomm packets to any remote device and executing arbitrary commands.
0
Attacker Value
Unknown
CVE-2022-41686
Disclosure Date: October 11, 2022 (last updated February 24, 2025)
OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The processes with system user UID run on the device would be able to write out-of-bound memory which could lead to unspecified memory corruption.
0
Attacker Value
Unknown
CVE-2022-42464
Disclosure Date: October 11, 2022 (last updated February 24, 2025)
OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have a Kernel memory pool override vulnerability in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel pointer, which could be used in further attacks. The processes with system user UID run on the device would be able to mmap memory pools used by kernel and override them which could be used to gain kernel code execution on the device, gain root privileges, or cause device reboot.
0
Attacker Value
Unknown
CVE-2022-38064
Disclosure Date: September 06, 2022 (last updated February 24, 2025)
OpenHarmony-v3.1.2 and prior versions have a permission bypass vulnerability. Local attackers can bypass permission control and get sensitive information.
0
Attacker Value
Unknown
CVE-2022-38081
Disclosure Date: September 06, 2022 (last updated February 24, 2025)
OpenHarmony-v3.1.2 and prior versions have a permission bypass vulnerability. LAN attackers can bypass the distributed permission control.To take advantage of this weakness, attackers need another vulnerability to obtain system.
0
Attacker Value
Unknown
CVE-2022-38701
Disclosure Date: September 06, 2022 (last updated February 24, 2025)
OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information.
0
Attacker Value
Unknown
CVE-2022-36423
Disclosure Date: September 06, 2022 (last updated February 24, 2025)
OpenHarmony-v3.1.2 and prior versions have an incorrect configuration of the cJSON library, which leads a Stack overflow vulnerability during recursive parsing. LAN attackers can lead a DoS attack to all network devices.
0