CVE-2025-20081

MEDIUM Year: 2025
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-416
View all →

Vulnerability Description

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.

Related Vulnerabilities

CVE-2016-9798

MEDIUM
CVSS:5.3(Medium)

In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump ...

CWE-4162016

CVE-2017-1000211

MEDIUM
CVSS:5.3(Medium)

Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTML_put_string() can append a chunk onto itself.

CWE-4162017

CVE-2018-7521

MEDIUM
CVSS:5.3(Medium)

In Omron CX-Supervisor Versions 3.30 and prior, use after free vulnerabilities can be exploited when CX Supervisor parses a specially crafted project file.

CWE-4162018

CVE-2019-0196

MEDIUM
CVSS:5.3(Medium)

A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the...

CWE-4162019

CVE-2019-20934

MEDIUM
CVSS:5.3(Medium)

An issue was discovered in the Linux kernel before 5.2.6. On NUMA systems, the Linux fair scheduler has a use-after-free in show_numa_stats() because NUMA fault statistics are inappropriately freed, a...

CWE-4162019

CVE-2019-7317

MEDIUM
CVSS:5.3(Medium)

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.

CWE-4162019