fweno.onefour.com.br

Current Conditions
São Paulo
céu limpo

24 ℃
45%
Temperatura
Umidade
Fonte: OpenWeatherMap. - 16:00:02
  1. [USD] USD 79,044.94
  1. [BRL] BRL 393,975.80 [USD] USD 79,044.94 [GBP] GBP 58,523.37 [EUR] EUR 67,502.17
    Price index provided by blockchain.info.
  2. Bitcoin Core version 31.0 is now available for download. See the release notes for more information about the bug fixes in this release.
    If you have any questions, please stop by the #bitcoin IRC chatroom (IRC, web) and we’ll do our best to help you.

dog - 16:22:50 up 215 days, 54 min, 4 users, load average: 0.00, 0.03, 0.01

Google News

[22/04/2026 14:38] PF retira credenciais de policial dos EUA em retaliação a expulsão de delegado - Estadão

[22/04/2026 11:40] Toffoli se declara suspeito e não participa de julgamento sobre prisão de ex-presidente do BRB no STF - G1

[22/04/2026 13:45] Candidata a miss morre após cair de apartamento no RJ; namorado é preso - CNN Brasil

[21/04/2026 19:05] Trump estende cessar-fogo com Irã, mas mantém tropas em Ormuz - Poder360

[22/04/2026 10:13] Oposição apresentará pedido de impeachment de Gilmar por ação contra Zema - Estado de Minas

[22/04/2026 12:24] Corpo encontrado na Praia do Leblon é de advogada desaparecida no mar no sábado - O GLOBO

[22/04/2026 09:52] CCJ da Câmara retoma análise do fim da escala 6x1 nesta quarta - Agência Brasil

[22/04/2026 15:15] Família que morreu em acidente com carreta a caminho de SC na BR-251 estava de mudança - NSC Total

[22/04/2026 09:14] Ataque a tiros em bar mata dois irmãos e deixa quatro homens feridos em BH; VÍDEO - G1

[22/04/2026 13:13] Argentino é preso em Copacabana por injúria racial contra jovem - O GLOBO

NVD Feed

[CVE-2025-45493] [Modified: 05-01-2026] [Analyzed] [V3.1 S6.5:MEDIUM] Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the iface parameter in the action_bandwidth function.

[CVE-2025-50526] [Modified: 02-01-2026] [Analyzed] [V3.1 S9.8:CRITICAL] Netgear EX8000 V1.0.0.126 was discovered to contain a command injection vulnerability via the switch_status function.

[CVE-2025-65865] [Modified: 06-01-2026] [Analyzed] [V3.1 S7.5:HIGH] An integer overflow in eProsima Fast-DDS v3.3 allows attackers to cause a Denial of Service (DoS) via a crafted input.

[CVE-2025-67108] [Modified: 02-01-2026] [Analyzed] [V3.1 S10.0:CRITICAL] eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections.

[CVE-2025-67109] [Modified: 06-01-2026] [Analyzed] [V3.1 S10.0:CRITICAL] Improper verification of the time certificate in Eclipse Cyclone DDS before v0.10.5 allows attackers to bypass certificate checks and execute commands with System privileges.

[CVE-2025-67111] [Modified: 06-01-2026] [Analyzed] [V3.1 S7.5:HIGH] An integer overflow in the RTPS protocol implementation of OpenDDS DDS before v3.33.0 allows attackers to cause a Denial of Service (DoS) via a crafted message.

[CVE-2024-57521] [Modified: 06-01-2026] [Analyzed] [V3.1 S10.0:CRITICAL] SQL Injection vulnerability in RuoYi v.4.7.9 and before allows a remote attacker to execute arbitrary code via the createTable function in SqlUtil.java.

[CVE-2025-29228] [Modified: 06-01-2026] [Analyzed] [V3.1 S9.8:CRITICAL] Linksys E5600 V1.1.0.26 is vulnerable to command injection in the runtime.macClone function via the mc.ip parameter.

[CVE-2025-29229] [Modified: 06-01-2026] [Analyzed] [V3.1 S9.8:CRITICAL] linksys E5600 V1.1.0.26 is vulnerable to command injection in the function ddnsStatus.

[CVE-2025-33222] [Modified: 15-01-2026] [Analyzed] [V3.1 S9.8:CRITICAL] NVIDIA Isaac Launchable contains a vulnerability where an attacker could exploit a hard-coded credential issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, and data tampering.

[CVE-2025-33223] [Modified: 15-01-2026] [Analyzed] [V3.1 S9.8:CRITICAL] NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause an execution with unnecessary privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, information disclosure and data tampering.

[CVE-2025-33224] [Modified: 15-01-2026] [Analyzed] [V3.1 S9.8:CRITICAL] NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause an execution with unnecessary privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, information disclosure and data tampering.

[CVE-2025-65410] [Modified: 06-01-2026] [Analyzed] [V3.1 S6.2:MEDIUM] A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted input into the filename parameter.

[CVE-2025-65713] [Modified: 06-01-2026] [Analyzed] [V3.1 S4.0:MEDIUM] Home Assistant Core before v2025.8.0 is vulnerable to Directory Traversal. The Downloader integration does not fully validate file paths during concatenation, leaving a path traversal vulnerability.

[CVE-2025-51511] [Modified: 06-01-2026] [Analyzed] [V3.1 S9.8:CRITICAL] Cadmium CMS v.0.4.9 has a background arbitrary file upload vulnerability in /admin/content/filemanager/uploads.

[CVE-2025-25364] [Modified: 06-01-2026] [Analyzed] [V3.1 S8.4:HIGH] A command injection vulnerability in the me.connectify.SMJobBlessHelper XPC service of Speedify VPN up to v15.0.0 allows attackers to execute arbitrary commands with root-level privileges.

[CVE-2021-47716] [Modified: 31-12-2025] [Analyzed] [V3.1 S5.4:MEDIUM] Orangescrum 1.8.0 contains multiple cross-site scripting vulnerabilities that allow authenticated attackers to inject malicious scripts through various input parameters. Attackers can exploit parameters like 'projid', 'CS_message', and 'name' to execute arbitrary JavaScript code in victim's browsers by submitting crafted payloads through application endpoints.

[CVE-2021-47720] [Modified: 31-12-2025] [Analyzed] [V3.1 S7.1:HIGH] Orangescrum 1.8.0 contains an authenticated SQL injection vulnerability that allows authorized users to manipulate database queries through multiple vulnerable parameters. Attackers can inject malicious SQL code into parameters like old_project_id, project_id, uuid, and uniqid to potentially extract or modify database information.

[CVE-2021-47721] [Modified: 31-12-2025] [Analyzed] [V3.1 S8.8:HIGH] Orangescrum 1.8.0 contains a privilege escalation vulnerability that allows authenticated users to take over other project-assigned accounts by manipulating session cookies. Attackers can extract the victim's unique ID from the page source and replace their own session cookie to gain unauthorized access to another user's account.

[CVE-2021-47733] [Modified: 31-12-2025] [Analyzed] [V3.1 S6.1:MEDIUM] CMSimple 5.4 contains a cross-site scripting vulnerability that allows attackers to bypass input filtering by using HTML to Unicode encoding. Attackers can inject malicious scripts by encoding payloads like ')-alert(1)// and execute arbitrary JavaScript when victims interact with delete buttons.

 
Amazon AWS httpd php.net Lets Encrypt Bootstrap