Huawei Harmonyos vulnerabilities

1,076 known vulnerabilities affecting huawei/harmonyos.

Total CVEs
1,076
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL138HIGH534MEDIUM365LOW39

Vulnerabilities

Page 7 of 54
CVE-2025-58285MEDIUMCVSS 5.5v5.0.1v5.1.02025-10-11
CVE-2025-58285 [MEDIUM] CWE-264 CVE-2025-58285: Permission control vulnerability in the media module. Successful exploitation of this vulnerability Permission control vulnerability in the media module. Successful exploitation of this vulnerability may affect service confidentiality.
cvelistv5nvd
CVE-2025-58287MEDIUMCVSS 5.5v5.0.1v5.1.02025-10-11
CVE-2025-58287 [MEDIUM] CWE-275 CVE-2025-58287: Use After Free (UAF) vulnerability in the office service. Successful exploitation of this vulnerabil Use After Free (UAF) vulnerability in the office service. Successful exploitation of this vulnerability may affect service confidentiality.
cvelistv5nvd
CVE-2025-58297MEDIUMCVSS 5.5v5.1.02025-10-11
CVE-2025-58297 [MEDIUM] CWE-121 CVE-2025-58297: Buffer overflow vulnerability in the sensor service. Successful exploitation of this vulnerability m Buffer overflow vulnerability in the sensor service. Successful exploitation of this vulnerability may affect availability.
cvelistv5nvd
CVE-2025-58282MEDIUMCVSS 5.5v5.0.1v5.1.02025-10-11
CVE-2025-58282 [MEDIUM] CWE-264 CVE-2025-58282: Permission control vulnerability in the camera module. Successful exploitation of this vulnerability Permission control vulnerability in the camera module. Successful exploitation of this vulnerability may affect service confidentiality.
cvelistv5nvd
CVE-2025-58290MEDIUMCVSS 5.5v5.0.1v5.1.02025-10-11
CVE-2025-58290 [MEDIUM] CWE-41 CVE-2025-58290: Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnera Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability.
cvelistv5nvd
CVE-2025-58300MEDIUMCVSS 5.5v5.0.1v5.1.02025-10-11
CVE-2025-58300 [MEDIUM] CWE-121 CVE-2025-58300: Buffer overflow vulnerability in the device management module. Successful exploitation of this vulne Buffer overflow vulnerability in the device management module. Successful exploitation of this vulnerability may affect availability.
cvelistv5nvd
CVE-2025-58283MEDIUMCVSS 5.5v5.0.1v5.1.02025-10-11
CVE-2025-58283 [MEDIUM] CWE-264 CVE-2025-58283: Permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability Permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect service confidentiality.
cvelistv5nvd
CVE-2025-54654MEDIUMCVSS 5.5v5.0.1v5.1.02025-10-11
CVE-2025-54654 [MEDIUM] CWE-264 CVE-2025-54654: Permission control vulnerability in the Gallery module. Successful exploitation of this vulnerabilit Permission control vulnerability in the Gallery module. Successful exploitation of this vulnerability may affect service confidentiality
cvelistv5nvd
CVE-2025-58280MEDIUMCVSS 5.5v5.0.1v5.1.02025-09-05
CVE-2025-58280 [MEDIUM] CWE-1321 CVE-2025-58280: Vulnerability of exposing object heap addresses in the Ark eTS module. Impact: Successful exploitati Vulnerability of exposing object heap addresses in the Ark eTS module. Impact: Successful exploitation of this vulnerability may affect availability.
cvelistv5nvd
CVE-2025-58276MEDIUMCVSS 5.5v2.0.0v3.0.0+5 more2025-09-05
CVE-2025-58276 [MEDIUM] CWE-264 CVE-2025-58276: Permission verification vulnerability in the home screen module Impact: Successful exploitation of t Permission verification vulnerability in the home screen module Impact: Successful exploitation of this vulnerability may affect availability.
cvelistv5nvd
CVE-2025-58281MEDIUMCVSS 5.5v5.0.1v5.1.02025-09-05
CVE-2025-58281 [MEDIUM] CWE-125 CVE-2025-58281: Out-of-bounds read vulnerability in the runtime interpreter module. Impact: Successful exploitation Out-of-bounds read vulnerability in the runtime interpreter module. Impact: Successful exploitation of this vulnerability may affect availability.
cvelistv5nvd
CVE-2025-58296MEDIUMCVSS 4.7v5.0.1v5.1.02025-09-05
CVE-2025-58296 [MEDIUM] CWE-362 CVE-2025-58296: Race condition vulnerability in the audio module. Impact: Successful exploitation of this vulnerabil Race condition vulnerability in the audio module. Impact: Successful exploitation of this vulnerability may affect function stability.
cvelistv5nvd
CVE-2025-58313LOWCVSS 2.5v5.0.1v5.1.02025-09-05
CVE-2025-58313 [LOW] CWE-362 CVE-2025-58313: Race condition vulnerability in the device standby module. Impact: Successful exploitation of this v Race condition vulnerability in the device standby module. Impact: Successful exploitation of this vulnerability may cause feature exceptions of the device standby module.
cvelistv5nvd
CVE-2025-54617CRITICALCVSS 9.8v5.1.02025-08-06
CVE-2025-54617 [CRITICAL] CWE-121 CVE-2025-54617: Stack-based buffer overflow vulnerability in the dms_fwk module. Impact: Successful exploitation of Stack-based buffer overflow vulnerability in the dms_fwk module. Impact: Successful exploitation of this vulnerability can cause RCE.
cvelistv5nvd
CVE-2025-54630HIGHCVSS 7.5v4.3.0v5.0.12025-08-06
CVE-2025-54630 [HIGH] CWE-122 CVE-2025-54630: :Vulnerability of insufficient data length verification in the DFA module. Impact: Successful exploi :Vulnerability of insufficient data length verification in the DFA module. Impact: Successful exploitation of this vulnerability may affect availability.
cvelistv5nvd
CVE-2025-54606HIGHCVSS 7.1v5.0.1v5.0.22025-08-06
CVE-2025-54606 [HIGH] CWE-840 CVE-2025-54606: Status verification vulnerability in the lock screen module. Impact: Successful exploitation of this Status verification vulnerability in the lock screen module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
cvelistv5nvd
CVE-2025-54655HIGHCVSS 7.8v5.0.1v5.0.22025-08-06
CVE-2025-54655 [HIGH] CWE-367 CVE-2025-54655: Race condition vulnerability in the virtualization base module. Successful exploitation of this vuln Race condition vulnerability in the virtualization base module. Successful exploitation of this vulnerability may affect the confidentiality and integrity of the virtualization graphics module.
cvelistv5nvd
CVE-2025-54622HIGHCVSS 7.4v5.0.1v5.0.2+1 more2025-08-06
CVE-2025-54622 [HIGH] CWE-305 CVE-2025-54622: Binding authentication bypass vulnerability in the devicemanager module. Impact: Successful exploita Binding authentication bypass vulnerability in the devicemanager module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
cvelistv5nvd
CVE-2025-54610HIGHCVSS 7.5v5.0.1v5.1.02025-08-06
CVE-2025-54610 [HIGH] CWE-129 CVE-2025-54610: Out-of-bounds access vulnerability in the audio codec module. Impact: Successful exploitation of thi Out-of-bounds access vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect availability.
cvelistv5nvd
CVE-2025-54635HIGHCVSS 7.5v5.1.02025-08-06
CVE-2025-54635 [HIGH] CWE-416 CVE-2025-54635: Vulnerability of returning released pointers in the distributed notification service. Impact: Succes Vulnerability of returning released pointers in the distributed notification service. Impact: Successful exploitation of this vulnerability may affect availability.
cvelistv5nvd
← Previous7 / 54Next →
Huawei Harmonyos vulnerabilities | cvebase