|OpenHarmony-SA-2021-0901 | NA | The component distributedschedule_samgr_lite has a UAF vulnerability.|This vulnerability can be exploited to bypass verification when calling an SA.|OpenHarmony-v2.2(Trunk)|distributedschedule_samgr_lite| [Link](https://gitee.com/openharmony/distributedschedule_samgr_lite/pulls/24/files) |Reported by OpenHarmony Team|
|OpenHarmony-SA-2021-0902 | NA | The component kernel_liteos_a has an invalid address access vulnerability.|This vulnerability can be exploited to write to illegal address in kernel, causing Remote Code Execute. |OpenHarmony-v2.2(Trunk)|kernel_liteos_a| [Link](https://gitee.com/openharmony/kernel_liteos_a/pulls/373/files) |Reported by OpenHarmony Team|
|OpenHarmony-SA-2021-0903 | NA | The component drivers_adapter has an integer overflow vulnerability.|This vulnerability can be exploited to apply large memory, causing Dos attacks.|OpenHarmony-v2.2(Trunk)|drivers_adapter| [Link](https://gitee.com/openharmony/drivers_adapter/pulls/31/files) |[Reported by OpenHarmony Team|
|OpenHarmony-SA-2021-0903 | NA | The component drivers_adapter has an integer overflow vulnerability.|This vulnerability can be exploited to apply large memory, causing Dos attacks.|OpenHarmony-v2.2(Trunk)|drivers_adapter| [Link](https://gitee.com/openharmony/drivers_adapter/pulls/31/files) |Reported by OpenHarmony Team|
|OpenHarmony-SA-2022-0501 | NA | The softbus subsystem in OpenHarmony has a heap overflow vulnerability. | Local attackers can overwrite the memory and get system control. |OpenHarmony-3.0-LTS|communication_dsoftbus| [Link](https://gitee.com/openharmony/communication_dsoftbus/pulls/1198) |Reported by OpenHarmony Team|
|OpenHarmony-SA-2022-0502 | NA | The softbus subsystem in OpenHarmony has a heap overflow vulnerability when receive a tcp message. | LAN attackers can lead to remote code execution(RCE) and get system control. |OpenHarmony-3.0-LTS|communication_dsoftbus| [Link](https://gitee.com/openharmony/communication_dsoftbus/pulls/1113) |Reported by OpenHarmony Team|
|OpenHarmony-SA-2022-0503 | NA | The softbus subsystem in OpenHarmony has an out-of-bounds access vulnerability when handle a synchronized message from another device. | Local attackers can elevate permissions to SYSTEM. |OpenHarmony-3.0-LTS|communication_dsoftbus| [Link](https://gitee.com/openharmony/communication_dsoftbus/pulls/1369) |Reported by OpenHarmony Team|
|OpenHarmony-SA-2022-0504 | NA | The calss Lock in OpenHarmony has a double free vulnerability. | Local attackers can elevate permissions to SYSTEM. |OpenHarmony-3.0-LTS|global_resmgr_standard| [Link](https://gitee.com/openharmony/global_resmgr_standard/pulls/136) |Reported by OpenHarmony Team|
### The following table lists the third-party library vulnerabilities with only the CVE, severity, and affected OpenHarmony versions provided. For more details, see the security bulletins released by third-parties.