» 2023 » 1월

A vulnerability was found in Information Cards Module and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 1.0 is able to address this issue. The name of the patch is f6bfea49ae16dc6e179df8306d39c3694f1ef186. It is recommended to upgrade the affected component. The identifier VDB-217661 was assigned to this vulnerability.

Source: CVE-2010-10004

CVE-2022-25890

Posted on 2023년 1월 9일2023년 1월 9일 by admin

CVE-2022-25890

All versions of the package wifey are vulnerable to Command Injection via the connect() function due to improper input sanitization.

Source: CVE-2022-25890

CVE-2022-43662

Posted on 2023년 1월 9일2023년 1월 9일 by admin

CVE-2022-43662

Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysTimerGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked.

Source: CVE-2022-43662

CVE-2023-0035

Posted on 2023년 1월 9일2023년 1월 9일 by admin

CVE-2023-0035

softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.

Source: CVE-2023-0035

CVE-2023-0036

Posted on 2023년 1월 9일2023년 1월 9일 by admin

CVE-2023-0036

platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.

Source: CVE-2023-0036