Aggregator

本文系《电子数据完整性的功能扩张及其反思》一文的正文，注释从略，全文发表于《环球法律评论》2025年第6期，原文请参见环球法律评论网站：https://globallawreview.ajcass.com，或点击文末左下角“阅读原文”。

随着生成式人工智能技术的飞速发展，AI换脸（深度伪造）技术已从娱乐工具演变为新型网络犯罪的利器。

Discover how TrendAI Zero Day Initiative (ZDI) identified critical vulnerabilities across connected vehicles, EV chargers, and automotive systems.

Discover how the TrendAI Vision One and SentinelOne integration exemplifies our commitment to endpoint flexibility.

美团技术团队推出了 EvoCUA 模型并在 Github、Huggingface 开源，通过构建可验证数据合成引擎与十万级并发的交互沙盒，将训练范式从传统的“静态轨迹模仿”转变为高效的“经验进化学习”。

PeckBirdy is a sophisticated JScript-based C&C framework used by China-aligned APT groups to exploit LOLBins across multiple environments, delivering advanced backdoors to target gambling industries and Asian government entities.

为企业提供一站式的大模型落地服务。

本文档记录了针对The Hackers Labs平台Securitrona靶机的渗透测试全过程，涉及的漏洞类型：LLM提示词注入、路径遍历、SUID权限滥用

A vulnerability, which was classified as very critical, has been found in FasterXML jackson-databind up to 2.9.10.3. This impacts an unknown function of the component Gadget Handler. This manipulation causes Remote Code Execution (Serialized). This vulnerability is handled as CVE-2020-10673. The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability classified as very critical was found in FasterXML jackson-databind up to 2.9.10.3. This affects an unknown function of the component Gadget Handler. The manipulation results in Remote Code Execution (Serialized). This vulnerability is known as CVE-2020-10672. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.

A vulnerability marked as critical has been reported in JSON Gem up to 2.2.0 on Ruby. Affected by this issue is some unknown functionality of the component Object Handler. The manipulation leads to improper input validation. This vulnerability is traded as CVE-2020-10663. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Requests Package up to 2.19.1 on Python. It has been declared as problematic. Impacted is an unknown function. Executing a manipulation as part of Authorization Header can lead to credentials management. This vulnerability is tracked as CVE-2018-18074. The attack can be launched remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability identified as problematic has been detected in Linux Kernel up to 6.12.5. The impacted element is an unknown function of the component sof_sdw. This manipulation causes privilege escalation. This vulnerability is registered as CVE-2024-57880. The attack requires access to the local network. No exploit is available. You should upgrade the affected component.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.12.6. The affected element is the function pfn_to_page of the component page_alloc. The manipulation results in null pointer dereference. This vulnerability is cataloged as CVE-2024-57881. The attack must originate from the local network. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability labeled as problematic has been found in Linux Kernel up to 6.12.5. This affects the function iso_listen_bis of the component Bluetooth. Such manipulation leads to denial of service. This vulnerability is documented as CVE-2024-57879. The attack requires being on the local network. There is not any exploit available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.12.4. It has been rated as problematic. Affected is the function fpmr_set. This manipulation causes uninitialized pointer. This vulnerability is registered as CVE-2024-57878. The attack requires access to the local network. No exploit is available. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 6.12.4. It has been declared as problematic. This impacts the function poe_set. The manipulation results in uninitialized pointer. This vulnerability is cataloged as CVE-2024-57877. The attack must originate from the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.119/6.6.65/6.12.4 and classified as critical. The impacted element is the function drm_dp_mst_handle_down_rep. Executing a manipulation can lead to memory corruption. This vulnerability is tracked as CVE-2024-57876. The attack is only possible within the local network. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.12.4. Affected by this vulnerability is the function disk_zone_is_conv. Performing a manipulation results in null pointer dereference. This vulnerability is known as CVE-2024-57875. Access to the local network is required for this attack. No exploit is available. It is suggested to upgrade the affected component.

jsPDF 路径遍历漏洞分析(CVE-2025-68428)