  2. Disclosure of the details of a bug on 32-bit systems which may, in a rare edge case, cause the node to crash when receiving a pathological block. This bug would be extremely hard to exploit. A fix was released on October 10th 2025 in Bitcoin Core v30.0.
    This issue is considered Low severity.

    Details

    Before writing a block to disk, Bitcoin Core checks that its size is within a normal range. This check would overflow on 32-bit systems for blocks over 1GB, and make the node crash when writing it to disk. Such a block cannot be sent using the BLOCK message, but could in theory be sent as a compact block if the victim node has a non-default large mempool which already contains 1GB of transactions. This would require the victim to have set their -maxmempool option to a value greater than 3GB, while 32-bit systems may have at most 4GiB of memory.
    This issue was indirectly prevented by capping the maximum value of the -maxmempool setting on 32-bit systems.

    Attribution

    Pieter Wuille discovered this bug and disclosed it responsibly.
    Antoine Poinsot proposed and implemented a covert mitigation.

    Timeline

    • 2025-04-24 - Pieter Wuille reports the issue
    • 2025-05-16 - Antoine Poinsot opens PR #32530 with a covert fix
    • 2025-06-26 - PR #32530 is merged into master
    • 2025-09-04 - Version 29.1 is released with the fix
    • 2025-10-10 - Version 30.0 is released with the fix
    • 2025-10-24 - Public Disclosure

[CVE-2025-8979] [Modified: 18-08-2025] [Analyzed] [V3.1 S6.6:MEDIUM] A vulnerability was identified in Tenda AC15 15.13.07.13. Affected by this vulnerability is the function check_fw_type/split_fireware/check_fw of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

[CVE-2025-8980] [Modified: 18-08-2025] [Analyzed] [V3.1 S6.6:MEDIUM] A vulnerability has been found in Tenda G1 16.01.7.8(3660). Affected by this issue is the function check_upload_file of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.

[CVE-2025-8981] [Modified: 18-08-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/payment.php. The manipulation of the argument payment_type leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

[CVE-2025-8982] [Modified: 18-08-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/currency.php. The manipulation of the argument curr_code leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

[CVE-2025-8983] [Modified: 18-08-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/expense.php. The manipulation of the argument expense_for leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

[CVE-2025-8984] [Modified: 18-08-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/expense_category.php. The manipulation of the argument expense_name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

[CVE-2025-8985] [Modified: 18-08-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

[CVE-2025-8986] [Modified: 18-08-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was determined in SourceCodester COVID 19 Testing Management System 1.0. Affected by this issue is some unknown functionality of the file /search-report-result.php. The manipulation of the argument serachdata leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

[CVE-2025-31987] [Modified: 21-11-2025] [Analyzed] [V3.1 S4.8:MEDIUM] HCL Connections Docs may mishandle validation of certain uploaded documents leading to denial of service due to resource exhaustion.

[CVE-2025-8987] [Modified: 18-08-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was identified in SourceCodester COVID 19 Testing Management System 1.0. This affects an unknown part of the file /test-details.php. The manipulation of the argument remark leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

[CVE-2025-8988] [Modified: 18-08-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability has been found in SourceCodester COVID 19 Testing Management System 1.0. This vulnerability affects unknown code of the file /bwdates-report-result.php. The manipulation of the argument fromdate leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

[CVE-2025-8989] [Modified: 18-08-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. This issue affects some unknown processing of the file /edit-phlebotomist.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

[CVE-2025-8990] [Modified: 21-08-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was determined in code-projects Online Medicine Guide 1.0. Affected is an unknown function of the file /browsemdcn.php. The manipulation of the argument Search leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

[CVE-2025-8991] [Modified: 11-09-2025] [Analyzed] [V3.1 S4.3:MEDIUM] A vulnerability was identified in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file /admin/config/express of the component Business Logic Handler. The manipulation of the argument litemall_express_freight_min leads to business logic errors. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

[CVE-2025-8992] [Modified: 27-08-2025] [Analyzed] [V3.1 S4.3:MEDIUM] A vulnerability has been found in mtons mblog up to 3.5.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

[CVE-2025-8993] [Modified: 18-08-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/expense_report.php. The manipulation of the argument from_date leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

[CVE-2025-9000] [Modified: 11-09-2025] [Analyzed] [V3.1 S7.0:HIGH] A vulnerability was found in Mechrevo Control Center GX V2 5.56.51.48. Affected by this vulnerability is an unknown functionality of the component reg File Handler. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

[CVE-2025-9001] [Modified: 11-09-2025] [Analyzed] [V3.1 S5.3:MEDIUM] A vulnerability was determined in LemonOS up to nightly-2024-07-12 on LemonOS. Affected by this issue is the function HTTPGet of the file /Applications/Steal/main.cpp of the component HTTP Client. The manipulation of the argument chunkSize leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

[CVE-2025-9002] [Modified: 11-09-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was identified in Surbowl dormitory-management-php 1.0. This affects an unknown part of the file login.php. The manipulation of the argument Account leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

[CVE-2025-9003] [Modified: 03-10-2025] [Analyzed] [V3.1 S3.5:LOW] A vulnerability has been found in D-Link DIR-818LW 1.04. This vulnerability affects unknown code of the file /bsc_lan.php of the component DHCP Reserved Address Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer.