Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2024
CVE-2023-46708
in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-03-04
CVE-2023-49602
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through type confusion.
CVSS Score
2.9
EPSS Score
0.001
Published
2024-03-04
CVE-2023-25176
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
CVSS Score
2.9
EPSS Score
0.001
Published
2024-03-04
CVE-2024-20018
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00348479; Issue ID: MSV-1019.
CVSS Score
9.8
EPSS Score
0.008
Published
2024-03-04
CVE-2024-20019
In wlan driver, there is a possible memory leak due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00351241; Issue ID: MSV-1173.
CVSS Score
5.9
EPSS Score
0.013
Published
2024-03-04
CVE-2024-20020
In OPTEE, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08522504; Issue ID: ALPS08522504.
CVSS Score
4.4
EPSS Score
0.0
Published
2024-03-04
CVE-2024-20022
In lk, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528255; Issue ID: ALPS08528255.
CVSS Score
6.7
EPSS Score
0.0
Published
2024-03-04
CVE-2024-20023
In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638.
CVSS Score
6.7
EPSS Score
0.0
Published
2024-03-04
CVE-2024-20024
In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541635; Issue ID: ALPS08541635.
CVSS Score
6.0
EPSS Score
0.0
Published
2024-03-04
CVE-2024-20025
In da, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541686; Issue ID: ALPS08541686.
CVSS Score
6.7
EPSS Score
0.0
Published
2024-03-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved