Security Vulnerabilities - CVEs Published In May 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through buffer overflow.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-05-06
Transient DOS while parsing per STA profile in ML IE.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-05-06
Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-05-06
Memory corruption while processing an IOCTL request, when buffer significantly exceeds the command argument limit.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-05-06
Memory corruption while reading the FW response from the shared queue.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-05-06
Memory corruption while triggering commands in the PlayReady Trusted application.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-05-06
Memory corruption during the FRS UDS generation process.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-05-06
Memory corruption while decoding of OTA messages from T3448 IE.
CVSS Score
8.2
EPSS Score
0.001
Published
2025-05-06
Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-05-06
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-05-06