in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through improper preservation of permissions.

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through type confusion.

in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free.

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause information leak through out-of-bounds Read.

The Matomo Analytics – Ethical Stats. Powerful Insights. plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the idsite parameter in all versions up to, and including, 4.15.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through improper input.

in OpenHarmony v4.0.0 and prior versions allow an adjacent attacker arbitrary code execution in any apps through use after free.

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through integer overflow.

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through integer overflow.

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through improper input.