Aggregator

根据最新一期的《AI 现状报告（State of AI）》，OpenAI 相对于其它 AI 公司的优势基本消失。Anthropic 的 Claude 3.5 Sonnet、Google 的 Gemini 1.5、X 的 Grok 2，Meta 的 Llama 3.1 4050 亿参数开源模型，在部分基准测试中已与 OpenAI 的 GPT-4o 持平，部分测试甚至略胜。OpenAI 最近发布的 o1 Strawberry 模型在推理任务中仍然保持着优势。此外大模型执行推理任务所需的费用正在快速下降，一个原因是不同大模型之间性能相差不大，AI 企业被迫在价格上展开竞争；另一个原因是工程师们致力于优化降低运行成本。今天 OpenAI GPT-4o 每 token 输出费用仅为今年 3 月 GPT-4 推出时候的百分之一，Gemini 1.5 Pro 比 2 月 Gemini 模型宣布时低 76%。

It's true: Google Scholar profile of the renowned former physicist and polymath, Sir Isaac Newton bears a "verified email" note. According to Google Scholar, Isaac Newton is a "Professor of Physics, MIT" with a "Verified email at mit.edu." [...]

古巴电网周五发生故障，全国千万人断电。古巴最大的发电厂 Antonio Guiteras 电厂周五中午前发生故障，导致全国电网瘫痪。这次大断电前古巴已经在实施轮流断电。总理 Manuel Marrero Cruz 将问题归咎于基础设施老化和飓风 Milton 加剧了燃料短缺。飓风增加了将燃料运送到古巴的难度。古巴总理表示政府将优先为居民区恢复供电，承诺燃料会在未来几天运抵。古巴官员尚未透露电网何时恢复的时间。古巴最近几年面临日益严重的经济危机和粮食短缺。

A vulnerability was found in Adobe Acrobat Reader up to 11.0.17/15.006.30201/15.017.20053 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2016-7015. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Adobe Acrobat Reader up to 11.0.17/15.006.30201/15.017.20053 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to memory corruption. This vulnerability is known as CVE-2016-7014. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in onesolutionapps Woodward Bail 1.1. This vulnerability affects unknown code of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability was named CVE-2014-7803. Access to the local network is required for this attack. There is no exploit available.

A vulnerability, which was classified as critical, was found in Adobe Acrobat Reader up to 11.0.17/15.006.30201/15.017.20053. Affected is an unknown function. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2016-7013. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in zlib up to 1.3. This affects the function zipOpenNewFileInZip4_64 of the component MiniZip. The manipulation of the argument filename/comment/extra leads to heap-based buffer overflow. This vulnerability is uniquely identified as CVE-2023-45853. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Oracle MySQL Cluster and MySQL Server up to 7.5.35/7.6.31/8.0.39/8.4.2/9.0.1. It has been classified as critical. Affected is an unknown function of the component Thread Pooling. The manipulation leads to improper authorization. This vulnerability is traded as CVE-2024-21238. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Oracle MySQL Cluster and MySQL Client up to 7.5.35/7.6.31/8.0.39/8.4.2/9.0.1. This vulnerability affects unknown code of the component Mysqldump. The manipulation leads to improper authorization. This vulnerability was named CVE-2024-21247. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Oracle MySQL Connectors up to 9.0.0. Affected is an unknown function of the component ODBC. The manipulation leads to denial of service. This vulnerability is traded as CVE-2024-21262. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Microsoft Edge and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to an unknown weakness. This vulnerability is handled as CVE-2024-43577. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in OpenSSL up to 3.0.13/3.1.5/3.2.1/3.3.0. Affected by this vulnerability is the function EVP_PKEY_param_check/EVP_PKEY_public_check of the file crypto/dsa/dsa_check.c of the component DSA Handler. The manipulation leads to denial of service. This vulnerability is known as CVE-2024-4603. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in OpenSSL up to 1.1.1x/3.0.13/3.1.5/3.2.1 and classified as critical. This vulnerability affects unknown code of the component TLSv1.3 Handler. The manipulation leads to denial of service. This vulnerability was named CVE-2024-2511. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Adobe Acrobat Reader up to 11.0.17/15.006.30201/15.017.20053. This issue affects some unknown processing. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2016-7012. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in iyzi Forum up to 1 Beta 2. It has been classified as critical. Affected is an unknown function. The manipulation of the argument uye_nu leads to sql injection. This vulnerability is traded as CVE-2006-5054. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Palo Alto GlobalProtect App up to 5.1/6.1/6.2.4/6.3 on Windows. This affects the function repair. The manipulation leads to execution with unnecessary privileges. This vulnerability is uniquely identified as CVE-2024-9473. Attacking locally is a requirement. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in encode starlette up to 0.39.x. This affects an unknown part. The manipulation leads to allocation of resources. This vulnerability is uniquely identified as CVE-2024-47874. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.