Aggregator

​“虚拟定位”APP案件法律适用

韩国首尔东区法院周二对一名故意增肥以逃避兵役的男子判处一年监禁缓刑两年，罪名是违反《兵役法》。帮助他制定增肥计划的一名朋友被判处六个月监禁缓刑一年，罪名是协助和教唆犯罪。韩国所有身体健康的男性都必须在军队服役 18-21 个月，有健康问题的人改为社区服务。法庭称，2017 年体检时该男子高 169 厘米重 83 公斤，符合服兵役条件。但他随后将每日的食物摄入量增加了一倍，摄入高热量食物，辞去了快递的兼职，在测试前饮用大量的水。2022-2023 年的三次体检中，该男子的体重为 102-105 公斤，因为超重他更适合进行社区服务。法庭表示，该男子已承诺履行兵役义务，被告和检方都对裁决无异议。

公安部会同国家发展和改革委员会、工业和信息化部、中国人民银行联合印发了《电信网络诈骗及其关联违法犯罪联合惩戒办法》

GitLab, a widely used platform for DevOps lifecycle management, has released critical security updates for its Community Edition (CE) and Enterprise Edition (EE). The updates address multiple vulnerabilities, including a high-severity issue that could allow attackers to escalate privileges via compromised tokens. The company strongly advises all self-managed GitLab installations to upgrade immediately to the […]

The post Critical Gitlab Vulnerability Let Attackers Escalate Privileges appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

大赛报名：https://pwn.butian.net/

大赛报名：https://pwn.butian.net/

大赛报名：https://pwn.butian.net/

大赛报名：https://pwn.butian.net/

大赛报名：https://pwn.butian.net/

大赛报名：https://pwn.butian.net/

大赛报名：https://pwn.butian.net/

Hitachi Energyが提供する複数の製品には、複数の脆弱性が存在します。

A vulnerability, which was classified as critical, was found in Zabbix up to 5.0.42/6.0.32/6.4.17/7.0.1rc1. This affects an unknown part of the component API Endpoint. The manipulation leads to improper authorization. This vulnerability is uniquely identified as CVE-2024-36467. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Internal Linking for SEO Traffic & Ranking Plugin up to 1.2.1 on WordPress. Affected by this issue is the function post_id. The manipulation leads to sql injection. This vulnerability is handled as CVE-2024-11009. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in Cimatti Contact Forms Plugin up to 1.9.2 on WordPress. Affected by this vulnerability is the function process_bulk_action. The manipulation leads to cross-site request forgery. This vulnerability is known as CVE-2024-10521. The attack can be launched remotely. There is no exploit available.

澳大利亚众议院周三以 102 票对 13 通过了禁止 16 岁以下儿童使用社媒的法案。澳主要政党都支持该法案， 如果 TikTok、Facebook、Snapchat、Reddit、X 和 Instagram 等社媒平台因未能系统性阻止儿童持有账户，它们将面临最高 5000 万澳元的罚款。如果该法案本周成为法律，社媒平台有一年时间研究如何实施年龄限制。为加强隐私保护，社媒平台不得强迫用户提供政府签发的身份证明文件如护照或驾照，平台也不能要求通过一个政府系统进行数字身份识别。澳参议院将在周三晚些时候讨论该法案，主要政党的支持基本上确保了该法案将会在参议院获得通过。

A vulnerability classified as problematic has been found in FFmpeg. Affected is an unknown function of the component HLS XBIN Demuxer. The manipulation leads to resource consumption. This vulnerability is traded as CVE-2023-6604. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in FFmpeg. It has been rated as problematic. This issue affects some unknown processing of the component HLS EXT-X-MAP. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2023-6603. The attack may be initiated remotely. There is no exploit available.