Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.7

    HIGH
    CVE-2025-46588

    Vulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.... Read more

    Affected Products : harmonyos
    • Published: May. 06, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authentication

  • 5.5

    MEDIUM
    CVE-2025-46586

    Permission control vulnerability in the contacts module Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : harmonyos
    • Published: May. 06, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2025-31174

    Path traversal vulnerability in the DFS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Apr. 07, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Path Traversal

  • 6.8

    MEDIUM
    CVE-2025-31171

    File read permission bypass vulnerability in the kernel file system module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Apr. 07, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Information Disclosure

  • 6.8

    MEDIUM
    CVE-2025-27521

    Vulnerability of improper access permission in the process management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Mar. 04, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2025-10493

    The Chained Quiz plugin for WordPress is vulnerable to Insecure Direct Object Reference in version 1.3.4 and below via the quiz submission and completion mechanisms due to missing validation on a user controlled key. This makes it possible for unauthentic... Read more

    Affected Products :
    • Published: Sep. 18, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2024-9136

    Access permission verification vulnerability in the App Multiplier module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : emui harmonyos
    • Published: Sep. 27, 2024
    • Modified: Sep. 18, 2025

  • 6.2

    MEDIUM
    CVE-2024-58050

    Vulnerability of improper access permission in the HDC module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Mar. 04, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authorization

  • 6.2

    MEDIUM
    CVE-2024-58046

    Permission management vulnerability in the lock screen module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Mar. 04, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2024-57955

    Arbitrary write vulnerability in the Gallery module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Feb. 06, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2024-57954

    Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Feb. 06, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2024-56439

    Access control vulnerability in the identity authentication module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Jan. 08, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authentication

  • 7.5

    HIGH
    CVE-2024-56438

    Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : emui harmonyos
    • Published: Jan. 08, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2024-56436

    Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Jan. 08, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2024-56435

    Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Jan. 08, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2024-56434

    UAF vulnerability in the device node access module Impact: Successful exploitation of this vulnerability may cause service exceptions of the device.... Read more

    Affected Products : emui harmonyos
    • Published: Jan. 08, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2024-54113

    Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect power consumption.... Read more

    Affected Products : harmonyos
    • Published: Dec. 12, 2024
    • Modified: Sep. 18, 2025

  • 7.5

    HIGH
    CVE-2024-54112

    Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Dec. 12, 2024
    • Modified: Sep. 18, 2025

  • 7.5

    HIGH
    CVE-2024-54110

    Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Dec. 12, 2024
    • Modified: Sep. 18, 2025

  • 7.5

    HIGH
    CVE-2024-54109

    Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.... Read more

    Affected Products : harmonyos
    • Published: Dec. 12, 2024
    • Modified: Sep. 18, 2025
Showing 20 of 294537 Results