26 matches found
TraceGuard: Process-Guided Firewall against Reasoning Backdoors in Large Language Models
The deployment of Large Reasoning Models LRMs in high-stakes decision-making pipelines has introduced a novel and opaque attack surface: reasoning backdoors. In these attacks, the model's intermediate Chain-of-Thought CoT is manipulated to provide a linguistically plausible but logically fallacio...
EUVD-2025-24116
Malicious code in bioql PyPI...
EUVD-2025-24109
Malicious code in bioql PyPI...
CVE-2025-25278
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition...
CVE-2025-27128
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free...
CVE-2025-27577
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition...
Intel® Xeon® 6 Processor with Intel® TDX Advisory
Summary: A potential security vulnerability in some Intel® Xeon® 6 processor with Intel® Trust Domain Extensions Intel® TDX may allow escalation of privilege. Intel is releasing a microcode update to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-22889 Description:...
CVE-2025-25278
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition...
CVE-2025-25278
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition...
CVE-2025-24298
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free...
CVE-2025-27128
CVE-2025-27128 affects OpenHarmony v5.0.3 and earlier, with a use-after-free in the tcb component allowing a local attacker to execute arbitrary code. The vulnerability path is local with low privileges required and no user interaction, yielding high impact on confidentiality, integrity, and avai...
CVE-2025-24298 liteos_a has an UAF vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free...
CVE-2025-24298
CVE-2025-24298 relates to OpenHarmony, affecting v5.0.3 and earlier where a use-after-free in the trusted computing base (tcb) enables a local attacker to achieve arbitrary code execution. The vulnerability is locally exploitable due to tcb’s post-release reuse issue, with impact on confidentiali...
CVE-2025-25278
OpenHarmony CVE-2025-25278 affects OpenHarmony v5.0.3 and earlier due to a race condition in the tcb component that can allow a local attacker to execute arbitrary code. The root cause is a race condition in tcb leading to local code execution with high impact; exploitability is local with no use...
CVE-2025-25278 liteos_a has a race condition vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition...
CVE-2025-25278 liteos_a has a race condition vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition...
CVE-2025-27577
CVE-2025-27577 affects OpenHarmony v5.0.3 and earlier where a local attacker can achieve arbitrary code execution via a race condition in the tcb component. The root cause is a race condition that could be exploited locally; no remote vector is described in the provided documents. A remediation i...
OpenHarmony 资源管理错误漏洞
OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom OpenAtom Foundation. A resource management error vulnerability exists in OpenHarmony v5.0.3 and earlier versions, which stems from a post-release reuse issue in tcb and could lead to the execution of arbitrar...
PT-2025-32511 · Openharmony · Openharmony
Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 5.0.4 Description: OpenHarmony versions prior to 5.0.4 contain a use-after-free issue in the tcb component that allows a local attacker to execute arbitrary code. Recommendations: Update to OpenHarmony version...
PT-2025-32514 · Openharmony · Openharmony
Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 5.0.4 Description: The software contains a flaw that allows a local attacker to execute arbitrary code within the tcb component due to a race condition. Recommendations: Update to version 5.0.4 or later...