fweno.onefour.com.br

Current Conditions
São Paulo
céu limpo

12 ℃
92%
Temperatura
Umidade
Fonte: OpenWeatherMap. - 21:30:01
  1. [USD] USD 81,540.93
  1. [BRL] BRL 400,153.95 [USD] USD 81,540.93 [GBP] GBP 59,951.09 [EUR] EUR 69,252.14
    Price index provided by blockchain.info.
  2. After Bitcoin Core 0.14.0 and before Bitcoin Core 29.0, validating a specially-crafted block may cause the node to access previously freed memory.
    During validation, necessary data required for checking inputs for each transaction is pre-calculated and cached. For specially crafted invalid blocks, it was possible for this data to be destroyed while it was still being accessed by a background validation thread. An attacker capable of mining a block with sufficient proof-of-work could have exploited this to crash victim nodes. Because of the nature of use-after-free bugs, it is possible that the crash could have been used for remote code execution, though constraints on the input (block) data make this unlikely.
    This issue is considered High severity.

    Details

    By default, script validation for new blocks is dispatched to background threads via a vector of CScriptCheck functors. Each CScriptCheck holds a pointer to a PrecomputedTransactionData object which stores some data needed by each input in the transaction. Because it stores a pointer and not the data itself, care must be taken to ensure that the PrecomputedTransactionData outlives the CScriptCheck.
    The script checks lifetime is enforced by an RAII class, CCheckQueueControl. However, the control is intantiated before the precomputed transaction data. Because local objects in C++ are destructed in reverse order of construction, this means the vector of PrecomputedTransactionData is destroyed before the CCheckQueueControl.
    This is not an issue when the block is valid, as CCheckQueueControl::Wait() will be called before the function returns and the PrecomputedTransactionData gets destroyed. However, in case of an early return (when a separate check fails) a background script thread may read the precomputed transaction data after it was destroyed. An attacker could exploit this to crash victim nodes at the expense of a valid PoW at tip.

    Attribution

    Cory Fields (MIT DCI) discovered this vulnerability and responsibly disclosed it in a detailed report containing a proof of concept for reproduction and a proposed mitigation.

    Timeline

    • 2024-11-02 Cory Fields privately reports the bug
    • 2024-11-06 Pieter Wuille pushes a covert fix to already open PR #31112 which works around the issue by removing the early returns
    • 2024-12-03 PR #31112 is merged
    • 2025-04-12 Bitcoin Core version 29.0 is released with a fix
    • 2026-04-19 The last vulnerable Bitcoin Core version (28.x) goes end of life
    • 2026-05-05 Public disclosure.

dog - 21:33:11 up 234 days, 6:04, 3 users, load average: 0.00, 0.00, 0.00

Google News

[11/05/2026 20:26] Explosão destrói ao menos dez imóveis em área residencial na Zona Oeste de SP - O Globo

[11/05/2026 11:58] Paulinho da Força responde fala de Flávio sobre "jogo combinado" com Moraes - CNN Brasil

[11/05/2026 19:16] Nunes Marques é sorteado como relator de pedido de Bolsonaro para anular condenação - CartaCapital

[11/05/2026 17:24] Hantavírus mata quase metade dos infectados no Brasil: veja onde há mais risco (e por que não tem relação com surto em navio de cruzeiro) - BBC

[11/05/2026 14:03] Defesa de Ciro Nogueira: Kakay nega atrito e diz que saída foi consensual - Correio Braziliense

[11/05/2026 10:47] Racha na direita: Salles ataca Eduardo Bolsonaro em disputa pelo Senado - Estado de Minas

[11/05/2026 12:59] Minas Gerais confirma primeira morte por hantavírus em 2026 - Agência Brasil

[11/05/2026 18:58] Grevistas de Unesp, USP e Unicamp têm confronto com bolsonaristas - Poder360

[11/05/2026 15:45] Guarda municipal é preso após matar esposa na festa do casamento em Campinas - Jovem Pan

[11/05/2026 08:13] Ministro Nunes Marques convida Bolsonaro para cerimônia de posse na Presidência do TSE - R7

NVD Feed

[CVE-2025-52435] [Modified: 14-01-2026] [Analyzed] [V3.1 S7.5:HIGH] J2EE Misconfiguration: Data Transmission Without Encryption vulnerability in Apache NimBLE. Improper handling of Pause Encryption procedure on Link Layer results in a previously encrypted connection being left in un-encrypted state allowing an eavesdropper to observe the remainder of the exchange. This issue affects Apache NimBLE: through <= 1.8.0. Users are recommended to upgrade to version 1.9.0, which fixes the issue.

[CVE-2025-53470] [Modified: 14-01-2026] [Analyzed] [V3.1 S3.1:LOW] Out-of-bounds Read vulnerability in Apache NimBLE HCI H4 driver. Specially crafted HCI event could lead to invalid memory read in H4 driver. This issue affects Apache NimBLE: through 1.8.  This issue requires a broken or bogus Bluetooth controller and thus severity is considered low. Users are recommended to upgrade to version 1.9, which fixes the issue.

[CVE-2025-53477] [Modified: 14-01-2026] [Analyzed] [V3.1 S7.5:HIGH] NULL Pointer Dereference vulnerability in Apache Nimble. Missing validation of HCI connection complete or HCI command TX buffer could lead to NULL pointer dereference. This issue requires disabled asserts and broken or bogus Bluetooth controller and thus severity is considered low. This issue affects Apache NimBLE: through 1.8.0. Users are recommended to upgrade to version 1.9.0, which fixes the issue.

[CVE-2025-62235] [Modified: 14-01-2026] [Analyzed] [V3.1 S8.1:HIGH] Authentication Bypass by Spoofing vulnerability in Apache NimBLE. Receiving specially crafted Security Request could lead to removal of original bond and re-bond with impostor. This issue affects Apache NimBLE: through 1.8.0. Users are recommended to upgrade to version 1.9.0, which fixes the issue.

[CVE-2026-0836] [Modified: 13-01-2026] [Analyzed] [V3.1 S8.8:HIGH] A vulnerability was determined in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formConfigFastDirectionW. This manipulation of the argument ssid causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-0837] [Modified: 13-01-2026] [Analyzed] [V3.1 S8.8:HIGH] A vulnerability was identified in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formFireWall. Such manipulation of the argument GroupName leads to buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-0838] [Modified: 13-01-2026] [Analyzed] [V3.1 S8.8:HIGH] A security flaw has been discovered in UTT 进取 520W 1.7.7-180627. This impacts the function strcpy of the file /goform/ConfigWirelessBase. Performing a manipulation of the argument ssid results in buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-0839] [Modified: 13-01-2026] [Analyzed] [V3.1 S8.8:HIGH] A weakness has been identified in UTT 进取 520W 1.7.7-180627. Affected is the function strcpy of the file /goform/APSecurity. Executing a manipulation of the argument wepkey1 can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-0840] [Modified: 13-01-2026] [Analyzed] [V3.1 S8.8:HIGH] A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. Affected by this vulnerability is the function strcpy of the file /goform/formConfigNoticeConfig. The manipulation of the argument timestart leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-0841] [Modified: 13-01-2026] [Analyzed] [V3.1 S8.8:HIGH] A vulnerability was detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /goform/formPictureUrl. The manipulation of the argument importpictureurl results in buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-0850] [Modified: 29-04-2026] [Analyzed] [V3.1 S4.7:MEDIUM] A vulnerability was determined in code-projects Intern Membership Management System 1.0. Impacted is an unknown function of the file /admin/delete_activity.php. Executing a manipulation of the argument activity_id can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.

[CVE-2026-0851] [Modified: 29-04-2026] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was identified in code-projects Online Music Site 1.0. The affected element is an unknown function of the file /Administrator/PHP/AdminAddUser.php. The manipulation of the argument txtusername leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

[CVE-2026-0852] [Modified: 29-04-2026] [Analyzed] [V3.1 S7.3:HIGH] A security flaw has been discovered in code-projects Online Music Site 1.0. The impacted element is an unknown function of the file /Administrator/PHP/AdminUpdateUser.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.

[CVE-2025-69267] [Modified: 14-01-2026] [Analyzed] [V3.1 S6.5:MEDIUM] Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Path Traversal.This issue affects DX NetOps Spectrum: 24.3.8 and earlier.

[CVE-2025-69268] [Modified: 14-01-2026] [Analyzed] [V3.1 S6.1:MEDIUM] Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Reflected XSS.This issue affects DX NetOps Spectrum: 24.3.8 and earlier.

[CVE-2025-69269] [Modified: 14-01-2026] [Analyzed] [V3.1 S9.8:CRITICAL] Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows OS Command Injection.This issue affects DX NetOps Spectrum: 23.3.6 and earlier.

[CVE-2025-69270] [Modified: 14-01-2026] [Analyzed] [V3.1 S9.8:CRITICAL] Information Exposure Through Query Strings in GET Request vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Session Hijacking.This issue affects DX NetOps Spectrum: 24.3.8 and earlier.

[CVE-2025-69271] [Modified: 14-01-2026] [Analyzed] [V3.1 S7.5:HIGH] Insufficiently Protected Credentials vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 24.3.13 and earlier.

[CVE-2025-69272] [Modified: 14-01-2026] [Analyzed] [V3.1 S7.5:HIGH] Cleartext Transmission of Sensitive Information vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 21.2.1 and earlier.

[CVE-2025-69273] [Modified: 14-01-2026] [Analyzed] [V3.1 S7.5:HIGH] Improper Authentication vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Authentication Bypass.This issue affects DX NetOps Spectrum: 24.3.10 and earlier.

 
Amazon AWS httpd php.net Lets Encrypt Bootstrap