Aggregator

JSP3/2.0.14

不知道你有没有发现，步入成年，或者进入到工作岗位以后，自己的兴趣爱好就开始光速变得匮乏起来。曾经喜欢做的事情突然干不动了，找到让自己有动力研究的新兴趣难上加难，好不容易想要学习一个感兴趣的东西却总是三

中国电信 AI 研究所称它使用国产芯片训练了两个大模型。其中之一是 TeleChat2t-115B 为开源模型，项目托管在 GitHub 上，有大约 1150 亿个参数；另一个大模型没有公开名字，据称其参数有 1 万亿个。AI 研究所称，这表明国内在大模型训练上实现了完全自给自足。根据 TeleChat2t-115B GitHub 页面的描述，中国电信可能使用了华为昇腾 Atlas 800T A2 训练服务器，运行基于 Arm 8.2 架构的鲲鹏 920 7265 或鲲鹏 920 5250 处理器，分别有 64 个 3.0GHz 内核和 48 个 2.6GHz 内核。

A vulnerability was found in Hioa Student ID 1.2. It has been declared as critical. This vulnerability affects unknown code of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability was named CVE-2014-7433. Access to the local network is required for this attack. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Focus Sis 1.0. Affected by this issue is some unknown functionality of the file Focus/SIS. The manipulation of the argument FocusPath leads to code injection. This vulnerability is handled as CVE-2007-4806. The attack may be launched remotely. Furthermore, there is an exploit available.

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Rhadamanthys Stealer Adds Innovative AI Feature in Version 0.7.0 Threat Actors leverage Docker Swarm and Kubernetes to […]

A vulnerability classified as critical has been found in TLM CMS. Affected is an unknown function of the file mod_forum/messages.php of the component mod_forum/messages.php. The manipulation of the argument id_sujet leads to sql injection. This vulnerability is traded as CVE-2007-4808. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Google Pay alarmed users this week after erroneously sending out "new card" added email notifications. Google has acknowledged that the email was "accidental" and that no user information was compromised. [...]

A vulnerability was found in TRENDnet TEW-812DRU and classified as critical. Affected by this issue is some unknown functionality of the file setNTP.cgi of the component Input Sanitizer. The manipulation of the argument NtpDstEnd/NtpDstOffset leads to os command injection. This vulnerability is handled as CVE-2013-3365. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in TLM CMS. It has been rated as critical. This issue affects some unknown processing of the file mod_forum/afficher.php of the component mod_forum/afficher.php. The manipulation leads to sql injection. The identification of this vulnerability is CVE-2007-4808. The attack may be initiated remotely. Furthermore, there is an exploit available.

Google 新西兰博客警告，如果新西兰政府通过法案《Fair Digital News Bargaining Bill》，强迫科技公司为其平台上展示的内容付费，它将停止链接新西兰新闻，逆转对当地新闻媒体的支持。Google 此举将切断新西兰新闻网站的流量，搜索巨人的做法与它在澳大利亚和加拿大制定类似法律后的反应类似。该法案是新西兰上届政府提出的，现政府由中右翼国家党组建，它在当时表示了反对，然而随着该国新闻媒体行业今年初失去了愈 200 个工作岗位，而全国新闻记者的人数大约在 1600 人左右，现政府重新开始推进该法案，要求科技平台与媒体分享收入。

A vulnerability classified as problematic was found in Sovell Smart Canteen System up to 3.0.7303.30513. Affected by this vulnerability is the function Check_ET_CheckPwdz201 of the file suanfa.py of the component Password Reset Handler. The manipulation leads to authorization bypass. This vulnerability is known as CVE-2024-9554. The attack can be launched remotely. There is no exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as critical, has been found in NetworkManager. This issue affects some unknown processing of the component libndp 1.5. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2016-3698. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in TLM CMS. It has been declared as critical. This vulnerability affects unknown code of the file affichage.php. The manipulation of the argument ID leads to sql injection. This vulnerability was named CVE-2007-4808. The attack can be initiated remotely. Furthermore, there is an exploit available.

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. WordPress LiteSpeed Cache plugin flaw could allow site takeover Apple iOS 18.0.1 and iPadOS 18.0.1 fix media session […]

A vulnerability was found in Google Android 4.4.3/5.0.1/5.1/6.0. It has been rated as critical. Affected by this issue is some unknown functionality of the component libjhead. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2016-3822. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Rama-palaniappan CalculatorApp 4. It has been classified as critical. This affects an unknown part of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is uniquely identified as CVE-2014-7432. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability was found in TLM CMS. It has been classified as critical. This affects an unknown part of the file file.php. The manipulation of the argument id leads to sql injection. This vulnerability is uniquely identified as CVE-2007-4808. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in oath-toolkit up to 2.6.11 and classified as critical. This issue affects the function oath_authenticate_usersfile of the file liboath/usersfile.c of the component pam_oath.so. The manipulation leads to symlink following. The identification of this vulnerability is CVE-2024-47191. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in WPVibes Elementor Addon Elements Plugin up to 1.13.6 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-47366. The attack can be initiated remotely. There is no exploit available.