Aggregator

CVE-2021-43936 | Distributed Data Systems WebHMI 4.0 Portal unrestricted upload (icsa-21-336-03 / EDB-50589)

Vuldb Updates
8 months 1 week ago
A vulnerability was found in Distributed Data Systems WebHMI 4.0. It has been rated as critical. This issue affects some unknown processing of the component Portal. The manipulation leads to unrestricted upload. The identification of this vulnerability is CVE-2021-43936. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2020-11804 | TitanHQ SpamTitan 7.07 mailqueue.php quid input validation (EDB-48817)

Vuldb Updates
8 months 1 week ago
A vulnerability classified as critical has been found in TitanHQ SpamTitan 7.07. This affects an unknown part of the file mailqueue.php. The manipulation of the argument quid as part of HTTP GET Request leads to improper input validation. This vulnerability is uniquely identified as CVE-2020-11804. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

DeepSeek 称其新模型只花了 550 万美元训练

Solidot
8 months 1 week ago
杭州深度求索(DeepSeek)上周宣布了新系列模型 DeepSeek-V3。深度求索表示,DeepSeek-V3 在知识类任务上的水平相比前代 DeepSeek-V2.5 显著提升,接近当前表现最好的模型 Anthropic 的 Claude-3.5-Sonnet-1022。在美国数学竞赛和全国高中数学联赛上,DeepSeek-V3 大幅超过了其他所有开源闭源模型。在生成速度上,DeepSeek-V3 从 20TPS 大幅提高至 60TPS。官方技术论文披露,DeepSeek-V3 模型的总训练成本为 557.6 万美元,而 GPT-4o 等模型的训练成本约为 1 亿美元。DeepSeek-V3 有 6710 亿参数,在两个月时间内用 14.8 万亿 token 的数据进行了训练。前 OpenAI 和特斯拉高管 Andrej Karpathy 称,Llama 3 4050 亿参数模型使用了 3080 万 GPU 小时训练,DeepSeek-V3 参数规模更大,但只使用了 280 万 GPU 小时训练。如果它通过了氛围检查(vibe checks),那么这将是在资源受限的情况下研究和工程方面的一次令人印象深刻的展示。

Microsoft Warns of Windows 11 24H2 Issue that Blocks Windows Security Updates

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
8 months 1 week ago

Microsoft has issued a warning about a significant issue impacting devices running Windows 11, version 24H2, that could block essential Windows Security updates. The problem arises when users install this version of the operating system using media—such as CDs or USB drives—containing either the October 2024 or November 2024 security updates. If affected, devices may […]

The post Microsoft Warns of Windows 11 24H2 Issue that Blocks Windows Security Updates appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

CVE-2007-1734 | Linux Kernel 2.6.20/2.6.20.1/2.6.20.2 do_dccp_getsockopt denial of service (EDB-3587 / Nessus ID 28064)

Vuldb Updates
8 months 1 week ago
A vulnerability was found in Linux Kernel 2.6.20/2.6.20.1/2.6.20.2 and classified as critical. Affected by this issue is the function do_dccp_getsockopt. The manipulation leads to denial of service. This vulnerability is handled as CVE-2007-1734. Attacking locally is a requirement. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

Осиное гнездо безопасности: методические материалы

Securitylab.ru
8 months 1 week ago
В современном цифровом мире, где веб-приложения стали неотъемлемой частью бизнес-процессов и повседневной жизни, обеспечение их безопасности вышло на первый план. Именно поэтому вклад авторитетных организаций, таких как Open Web Application Security Project (OWASP), становится особенно ценным. OWASP предоставляет необходимые ресурсы и стандарты, помогая решать критически важные задачи по защите онлайн-сервисов. В данной статье мы подробно рассмотрим значимые проекты и инициативы OWASP, которые помогают разработчикам и специалистам по безопасности создавать более защищенные веб-приложения.

Managed ad