3.3
CVE-2025-25218 - third_party_mksh has a NULL pointer dereference vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
7.8
CVE-2025-21475 - Buffer Over-read in Display
Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.
7.8
CVE-2025-21470 - Improper Access Control in Camera Driver
Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter.
7.8
CVE-2025-21469 - Improper Access Control in Camera Driver
Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call.
7.8
CVE-2025-21468 - Out-of-bounds Write in Computer Vision
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.
7.8
CVE-2025-21467 - Out-of-bounds Write in Computer Vision
Memory corruption while reading the FW response from the shared queue.
7.8
CVE-2025-21462 - Out-of-bounds Write in Computer Vision
Memory corruption while processing an IOCTL request, when buffer significantly exceeds the command argument limit.
7.8
CVE-2025-21460 - Improper Input Validation in Automotive Software platform based on QNX
Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously.
7.5
CVE-2025-21459 - Buffer Over-read in WLAN Host Communication
Transient DOS while parsing per STA profile in ML IE.
7.8
CVE-2025-21453 - Use After Free in GPS HLOS Driver
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.