CVE-2022-44455

HIGH Year: 2022
CVSS v3 Score
7.8
High
Weakness Type
CWE-120
View all →

Vulnerability Description

The appspawn and nwebspawn services within OpenHarmony-v3.1.2 and prior versions were found to be vulnerable to buffer overflow vulnerability due to insufficient input validation. An unprivileged malicious application would be able to gain code execution within any application installed on the device or cause application crash.

Related Vulnerabilities

CVE-2002-0969

HIGH
CVSS:7.8(High)

Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini init...

CWE-1202002

CVE-2004-0210

HIGH
CVSS:7.8(High)

The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overf...

CWE-1202004

CVE-2007-5659

HIGH
CVSS:7.8(High)

Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: thi...

CWE-1202007

CVE-2010-2492

HIGH
CVSS:7.8(High)

Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of se...

CWE-1202010

CVE-2010-2572

HIGH
CVSS:7.8(High)

Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint 95 document, aka "PowerPoint Parsing Buffer Overflow Vulnerabil...

CWE-1202010

CVE-2011-1145

HIGH
CVSS:7.8(High)

The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.

CWE-1202011