OpenHarmony — Vulnerabilities & Security Advisories 167

Browse all 167 CVE security advisories affecting OpenHarmony. AI-powered Chinese analysis, POCs, and references for each vulnerability.

OpenHarmony is an open-source operating system designed for distributed scenarios across smart devices, IoT, and industrial applications. Its architecture emphasizes modularity and scalability, allowing developers to tailor the system for diverse hardware constraints. Historically, the project has faced 167 recorded Common Vulnerabilities and Exposures (CVEs), with recurring issues primarily involving buffer overflows, use-after-free errors, and improper input validation. These flaws often lead to remote code execution or privilege escalation, particularly within the device communication and permission management modules. While no single catastrophic incident has defined its history, the high volume of CVEs highlights challenges in maintaining rigorous security standards across its fragmented ecosystem. The project relies on community-driven patches and formal verification efforts to mitigate risks, though the complexity of its distributed nature continues to present significant attack surface challenges for security researchers and administrators alike.

Top products by OpenHarmony: OpenHarmony
| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2025-20091 | Communication Dsoftbus has an UAF vulnerability — OpenHarmony | CWE-416 | 3.8 | Low | 2025-03-04 |
| CVE-2025-20081 | Communication Dsoftbus has an UAF vulnerability — OpenHarmony | CWE-416 | 3.8 | Low | 2025-03-04 |
| CVE-2025-20042 | Liteos-A has an out of bounds read vulnerability — OpenHarmony | CWE-125 | 5.5 | Medium | 2025-03-04 |
| CVE-2025-20024 | Arkcompiler Ets Runtime has an integer overflow vulnerability — OpenHarmony | CWE-190 | 3.8 | Low | 2025-03-04 |
| CVE-2025-20021 | Arkcompiler Ets Runtime has an out-of-bounds read vulnerability — OpenHarmony | CWE-125 | 3.3 | Low | 2025-03-04 |
| CVE-2025-20011 | Communication Dsoftbus has a memory leak vulnerability — OpenHarmony | CWE-401 | 3.3 | Low | 2025-03-04 |
| CVE-2025-0587 | Arkcompiler Ets Runtime has an integer overflow vulnerability — OpenHarmony | CWE-190 | 3.8 | Low | 2025-03-04 |
| CVE-2025-0304 | Liteos_a has an use after free vulnerability — OpenHarmony | CWE-416 | 8.8 | High | 2025-02-07 |
| CVE-2025-0303 | Liteos_a has a buffer overflow vulnerability — OpenHarmony | CWE-120 | 8.8 | High | 2025-02-07 |
| CVE-2025-0302 | Liteos_a has an integer overflow read vulnerability — OpenHarmony | CWE-190 | 5.5 | Medium | 2025-02-07 |
| CVE-2024-54030 | Communication_dsoftbus has an UAF vulnerability — OpenHarmony | CWE-416 | 4.4 | Medium | 2025-01-07 |
| CVE-2024-47398 | Liteos_a has an out-of-bounds write vulnerability — OpenHarmony | CWE-787 | 8.8 | High | 2025-01-07 |
| CVE-2024-45070 | Liteos_a has an out-of-bounds read vulnerability — OpenHarmony | CWE-125 | 5.5 | Medium | 2025-01-07 |
| CVE-2024-9978 | Liteos_a has an out-of-bounds read vulnerability — OpenHarmony | CWE-125 | 5.5 | Medium | 2024-12-03 |
| CVE-2024-12082 | Ability Runtime has an out-of-bounds read permission bypass vulnerability — OpenHarmony | CWE-125 | 5.5 | Medium | 2024-12-03 |
| CVE-2024-10074 | Liteos_a has an use after free vulnerability — OpenHarmony | CWE-416 | 8.8 | High | 2024-12-03 |
| CVE-2024-47402 | Liteos_a has an Out-of-bounds Read vulnerability — OpenHarmony | CWE-125 | 3.3 | Low | 2024-11-05 |
| CVE-2024-47137 | Liteos_a has an out-of-bounds Write vulnerability — OpenHarmony | CWE-787 | 8.4 | High | 2024-11-05 |
| CVE-2024-47404 | Liteos_a has a double free vulnerability — OpenHarmony | CWE-415 | 8.4 | High | 2024-11-05 |
| CVE-2024-47797 | Liteos_a has an out-of-bounds Write vulnerability — OpenHarmony | CWE-787 | 8.4 | High | 2024-11-05 |
| CVE-2024-45382 | Liteos_a has an Out-of-bounds Write vulnerability — OpenHarmony | CWE-787 | 3.3 | Low | 2024-10-08 |
| CVE-2024-43697 | Liteos_a has an Improper Input Validation vulnerability — OpenHarmony | CWE-20 | 3.3 | Low | 2024-10-08 |
| CVE-2024-43696 | Liteos_a has an Memory Leak vulnerability — OpenHarmony | CWE-401 | 3.3 | Low | 2024-10-08 |
| CVE-2024-39831 | AccessTokenManager has an use after free vulnerability — OpenHarmony | CWE-416 | 4.4 | Medium | 2024-10-08 |
| CVE-2024-39806 | Liteos_a has an out-of-bounds Read vulnerability — OpenHarmony | CWE-125 | 5.5 | Medium | 2024-10-08 |
| CVE-2024-41160 | Liteos-A has an use after free vulnerability — OpenHarmony | CWE-416 | 8.8 | High | 2024-09-02 |
| CVE-2024-41157 | Liteos-A has an use after free vulnerability — OpenHarmony | CWE-416 | 8.8 | High | 2024-09-02 |
| CVE-2024-39816 | Arkcompiler Ets Runtime has an out-of-bounds write vulnerability — OpenHarmony | CWE-787 | 8.4 | High | 2024-09-02 |
| CVE-2024-39775 | Net Manager has an out-of-bounds read permission bypass vulnerability — OpenHarmony | CWE-125 | 6.5 | Medium | 2024-09-02 |
| CVE-2024-39612 | Background Task Manager has an out-of-bounds read permission bypass vulnerability — OpenHarmony | CWE-125 | 5.5 | Medium | 2024-09-02 |

This page lists every published CVE security advisory associated with OpenHarmony. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.