CVE-2025-27577

CVE-2025-27577 affects OpenHarmony v5.0.3 and earlier where a local attacker can achieve arbitrary code execution via a race condition in the tcb component. The root cause is a race condition that could be exploited locally; no remote vector is described in the provided documents. A remediation i...

OpenHarmony 资源管理错误漏洞

OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom OpenAtom Foundation. A resource management error vulnerability exists in OpenHarmony v5.0.3 and earlier versions, which stems from a post-release reuse issue in tcb and could lead to the execution of arbitrar...

PT-2025-32511 · Openharmony · Openharmony

Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 5.0.4 Description: OpenHarmony versions prior to 5.0.4 contain a use-after-free issue in the tcb component that allows a local attacker to execute arbitrary code. Recommendations: Update to OpenHarmony version...

PT-2025-32514 · Openharmony · Openharmony

Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 5.0.4 Description: The software contains a flaw that allows a local attacker to execute arbitrary code within the tcb component due to a race condition. Recommendations: Update to version 5.0.4 or later...

PT-2025-32509 · Openharmony · Openharmony

Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 5.0.4 Description: The software contains a flaw that allows a local attacker to execute arbitrary code within the tcb component due to a race condition. Recommendations: Update to OpenHarmony version 5.0.4 or lat...

OpenHarmony 竞争条件问题漏洞

OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom OpenAtom Foundation. A competitive condition issue vulnerability exists in OpenHarmony v5.0.3 and earlier versions, which stems from a competitive condition in tcb that could lead to the execution of arbitrar...

PT-2025-32505 · Unknown · Openharmony

Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 5.0.4 Description: The software contains a use-after-free flaw in the trusted computing base tcb component that could allow a local attacker to execute arbitrary code. Recommendations: Update to version 5.0.4 or...

CVE-2025-54873

RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. RISC packages risc0-zkvm versions 2.0.0 through 2.1.0 and risc0-circuit-rv32im and risc0-circuit-rv32im-sys versions 2.0.0 through 2.0.4 contain vulnerabilities where signed...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.56 security and extras update

Red Hat OpenShift Container Platform release 4.15.56 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a security impact of...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.37 security and extras update

Red Hat OpenShift Container Platform release 4.17.37 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a security impact of...

CVE-2025-54873

Summary (CVE-2025-54873) : RISC Zero’s zkVM platform and related circuit packages contain a bug in signed integer division that can produce multiple outputs for some inputs (only one valid) and causes division-by-zero results to be underconstrained. Affected versions are: risc0-zkvm 2.0.0–2.1.0; ...

AI in Cloud Computing: How AI Is Revolutionizing the Landscape

Discover how AI in cloud computing is transforming industries. Learn about the differences between cloud AI and edge AI — their benefits, use cases, and solutions...

Leveraging Machine Learning for Botnet Attack Detection in Edge-Computing Assisted IoT Networks

The increase of IoT devices, driven by advancements in hardware technologies, has led to widespread deployment in large-scale networks that process massive amounts of data daily. However, the reliance on Edge Computing to manage these devices has introduced significant security vulnerabilities, a...

Cheating on Quantum Computing Benchmarks

Peter Gutmann and Stephan Neuhaus have a new paper--I think it's new, even though it has a March 2025 date--that makes the argument that we shouldn't trust any of the quantum factorization benchmarks, because everyone has been cooking the books: Similarly, quantum factorisation is performed using...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.21 bug fix and security update

Red Hat OpenShift Container Platform release 4.18.21 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.45 bug fix and security update

Red Hat OpenShift Container Platform release 4.16.45 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

Elastic 安全漏洞

Elastic is a suite of open source distributed RESTful search engines built on Lucene by Elastic Netherlands. The product is primarily used in cloud computing and supports data indexing using JSON over HTTP. A security vulnerability exists in Elastic that stems from improper handling of directory...

Elastic 安全漏洞

Elastic is a suite of open source distributed RESTful search engines built on Lucene by Elastic Netherlands. The product is primarily used in cloud computing and supports data indexing using JSON over HTTP. A security vulnerability exists in Elastic that stems from improper handling of directory...

Rethinking HSM and TPM Security in the Cloud: Real-World Attacks and Next-Gen Defenses

As organizations rapidly migrate to the cloud, the security of cryptographic key management has become a growing concern. Hardware Security Modules HSMs and Trusted Platform Modules TPMs, traditionally seen as the gold standard for securing encryption keys and digital trust, are increasingly...

CHAMP: a Configurable, Hot-Swappable Edge Architecture for Adaptive Biometric Tasks

What if you could piece together your own custom biometrics and AI analysis system, a bit like LEGO blocks? We aim to bring that technology to field operators in the field who require flexible, high-performance edge AI system that can be adapted on a moment's notice. This paper introduces CHAMP...