Huawei Harmonyos
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Huawei Harmonyos.
By the Year
In 2025 there have been 101 vulnerabilities in Huawei Harmonyos with an average score of 6.7 out of ten. Last year, in 2024 Harmonyos had 187 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Harmonyos in 2025 could surpass last years number. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.07.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 101 | 6.74 |
2024 | 187 | 6.67 |
2023 | 196 | 7.55 |
2022 | 257 | 7.54 |
2021 | 118 | 7.21 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Harmonyos vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Huawei Harmonyos Security Vulnerabilities
Stack overflow risk when vector images are parsed during file preview
Impact: Successful exploitation of this vulnerability may affect the file preview function.
CVE-2025-53171
3.3 - Low
- July 07, 2025
Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.
Stack overflow risk when vector images are parsed during file preview
Impact: Successful exploitation of this vulnerability may affect the file preview function.
CVE-2025-53172
3.3 - Low
- July 07, 2025
Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.
Stack overflow risk when vector images are parsed during file preview
Impact: Successful exploitation of this vulnerability may affect the file preview function.
CVE-2025-53173
4.3 - Medium
- July 07, 2025
Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.
Stack overflow risk when vector images are parsed during file preview
Impact: Successful exploitation of this vulnerability may affect the file preview function.
CVE-2025-53174
3.3 - Low
- July 07, 2025
Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.
Stack overflow risk when vector images are parsed during file preview
Impact: Successful exploitation of this vulnerability may affect the file preview function.
CVE-2025-53175
3.3 - Low
- July 07, 2025
Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.
Stack overflow risk when vector images are parsed during file preview
Impact: Successful exploitation of this vulnerability may affect the file preview function.
CVE-2025-53176
3.3 - Low
- July 07, 2025
Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.
Null pointer dereference vulnerability in the PDF preview module
Impact: Successful exploitation of this vulnerability may affect function stability.
CVE-2025-53179
7.5 - High
- July 07, 2025
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
NULL Pointer Dereference
Null pointer dereference vulnerability in the PDF preview module
Impact: Successful exploitation of this vulnerability may affect function stability.
CVE-2025-53180
7.5 - High
- July 07, 2025
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
NULL Pointer Dereference
Null pointer dereference vulnerability in the PDF preview module
Impact: Successful exploitation of this vulnerability may affect function stability.
CVE-2025-53181
7.5 - High
- July 07, 2025
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
NULL Pointer Dereference
Null pointer dereference vulnerability in the PDF preview module
Impact: Successful exploitation of this vulnerability may affect function stability.
CVE-2025-53182
7.5 - High
- July 07, 2025
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
NULL Pointer Dereference
Null pointer dereference vulnerability in the PDF preview module
Impact: Successful exploitation of this vulnerability may affect function stability.
CVE-2025-53183
7.5 - High
- July 07, 2025
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
NULL Pointer Dereference
Null pointer dereference vulnerability in the PDF preview module
Impact: Successful exploitation of this vulnerability may affect function stability.
CVE-2025-53184
7.5 - High
- July 07, 2025
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
NULL Pointer Dereference
Resource allocation control failure vulnerability in the ArkUI framework
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-58114
- June 06, 2025
Resource allocation control failure vulnerability in the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability of uncontrolled system resource applications in the setting module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-48902
- June 06, 2025
Vulnerability of uncontrolled system resource applications in the setting module Impact: Successful exploitation of this vulnerability may affect availability.
Permission bypass vulnerability in the media library module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-48903
- June 06, 2025
Permission bypass vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability that cards
CVE-2025-48904
6.2 - Medium
- June 06, 2025
Vulnerability that cards can call unauthorized APIs in the FRS process Impact: Successful exploitation of this vulnerability may affect availability.
Wasm exception capture vulnerability in the arkweb v8 module
Impact: Successful exploitation of this vulnerability may cause the failure to capture specific Wasm exception types.
CVE-2025-48905
- June 06, 2025
Wasm exception capture vulnerability in the arkweb v8 module Impact: Successful exploitation of this vulnerability may cause the failure to capture specific Wasm exception types.
Authentication bypass vulnerability in the DSoftBus module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-48906
- June 06, 2025
Authentication bypass vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect availability.
Deserialization vulnerability in the IPC module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-48907
- June 06, 2025
Deserialization vulnerability in the IPC module Impact: Successful exploitation of this vulnerability may affect availability.
Ability Auto Startup service vulnerability in the foundation process
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-48908
- June 06, 2025
Ability Auto Startup service vulnerability in the foundation process Impact: Successful exploitation of this vulnerability may affect availability.
Bypass vulnerability in the device management channel
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-48909
- June 06, 2025
Bypass vulnerability in the device management channel Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Buffer overflow vulnerability in the DFile module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-48910
- June 06, 2025
Buffer overflow vulnerability in the DFile module Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability of improper permission assignment in the note sharing module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-48911
- June 06, 2025
Vulnerability of improper permission assignment in the note sharing module Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability of insufficient information protection in the media library module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-58252
5.5 - Medium
- May 06, 2025
Vulnerability of insufficient information protection in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Permission control vulnerability in the media library module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-46587
5.5 - Medium
- May 06, 2025
Permission control vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Incorrect Default Permissions
Vulnerability of unauthorized access in the app lock module
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2025-46588
7.7 - High
- May 06, 2025
Vulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
Vulnerability of unauthorized access in the app lock module
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2025-46589
7.1 - High
- May 06, 2025
Vulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
Bypass vulnerability in the network search instruction authentication module
Impact: Successful exploitation of this vulnerability
CVE-2025-46590
6.5 - Medium
- May 06, 2025
Bypass vulnerability in the network search instruction authentication module Impact: Successful exploitation of this vulnerability can bypass authentication and enable access to some network search functions.
authentification
Out-of-bounds data read vulnerability in the authorization module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-46591
5.5 - Medium
- May 06, 2025
Out-of-bounds data read vulnerability in the authorization module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Out-of-bounds Read
Null pointer dereference vulnerability in the USB HDI driver module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-46592
5.5 - Medium
- May 06, 2025
Null pointer dereference vulnerability in the USB HDI driver module Impact: Successful exploitation of this vulnerability may affect availability.
NULL Pointer Dereference
Process residence vulnerability in abnormal scenarios in the print module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-46593
5.5 - Medium
- May 06, 2025
Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability of improper authentication logic implementation in the file system module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-46584
5.5 - Medium
- May 06, 2025
Vulnerability of improper authentication logic implementation in the file system module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Improper Handling of Exceptional Conditions
Out-of-bounds array read/write vulnerability in the kernel module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-46585
7 - High
- May 06, 2025
Out-of-bounds array read/write vulnerability in the kernel module Impact: Successful exploitation of this vulnerability may affect availability.
Memory Corruption
Permission control vulnerability in the contacts module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-46586
5.5 - Medium
- May 06, 2025
Permission control vulnerability in the contacts module Impact: Successful exploitation of this vulnerability may affect availability.
Incorrect Default Permissions
Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-58112
7.5 - High
- April 07, 2025
Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.
Deserialization mismatch vulnerability in the DSoftBus module
Impact: Successful exploitation of this vulnerability may affect service integrity.
CVE-2025-31175
7.5 - High
- April 07, 2025
Deserialization mismatch vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect service integrity.
Marshaling, Unmarshaling
Path traversal vulnerability in the DFS module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-31174
7.5 - High
- April 07, 2025
Path traversal vulnerability in the DFS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Directory traversal
Memory write permission bypass vulnerability in the kernel futex module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-31173
6.5 - Medium
- April 07, 2025
Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Memory write permission bypass vulnerability in the kernel futex module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-31172
5.5 - Medium
- April 07, 2025
Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
File read permission bypass vulnerability in the kernel file system module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-31171
5.5 - Medium
- April 07, 2025
File read permission bypass vulnerability in the kernel file system module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Access control vulnerability in the security verification module
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2025-31170
9.1 - Critical
- April 07, 2025
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
Authentication Bypass by Spoofing
Access control vulnerability in the security verification module
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2024-58127
9.1 - Critical
- April 07, 2025
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
Authentication Bypass by Spoofing
Access control vulnerability in the security verification module
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2024-58126
9.1 - Critical
- April 07, 2025
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
Authentication Bypass by Spoofing
Access control vulnerability in the security verification module
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2024-58125
9.1 - Critical
- April 07, 2025
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
Authentication Bypass by Spoofing
Access control vulnerability in the security verification module
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2024-58124
9.1 - Critical
- April 07, 2025
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
Authentication Bypass by Spoofing
Buffer overflow vulnerability in the codec module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-58107
7.5 - High
- April 07, 2025
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.
Classic Buffer Overflow
Buffer overflow vulnerability in the codec module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-58109
7.5 - High
- April 07, 2025
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.
Classic Buffer Overflow
Buffer overflow vulnerability in the codec module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-58108
7.5 - High
- April 07, 2025
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.
Classic Buffer Overflow
Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-58115
7.5 - High
- April 07, 2025
Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.
Memory Corruption
Buffer overflow vulnerability in the codec module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-58106
7.5 - High
- April 07, 2025
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.
Classic Buffer Overflow
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Huawei Harmonyos or by Huawei? Click the Watch button to subscribe.
