Current Conditions
São Paulo
nublado

18 ℃
94%
Temperatura
Umidade
Fonte: OpenWeatherMap. - 02:00:01
  1. [USD] USD 94,589.95
  1. [BRL] BRL 538,254.65 [USD] USD 94,589.95 [GBP] GBP 71,050.86 [EUR] EUR 82,927.01
    Price index provided by blockchain.info.
  2. Bitcoin Core version 29.0 is now available for download. See the release notes for more information about the bug fixes in this release.
    With the release of this new major version, versions 26.x and older are at “Maintenance End” and will no longer receive updates. In accordance with the security policy, two weeks after this release, medium and high severity vulnerabilities affecting versions 26.x (if any) will be disclosed. Additionally, low severity vulnerabilities affecting versions 28.x (if any) will be disclosed.

[CVE-2024-12977] [Modified: 03-04-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A vulnerability, which was classified as critical, was found in PHPGurukul Complaint Management System 1.0. This affects an unknown part of the file /admin/state.php. The manipulation of the argument state leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

[CVE-2024-12978] [Modified: 18-02-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as critical. This vulnerability affects the function add_req of the file /_parse/_all_edits.php. The manipulation of the argument jid/limit leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

[CVE-2024-12979] [Modified: 18-02-2025] [Analyzed] [V3.1 S4.3:MEDIUM] A vulnerability was found in code-projects Job Recruitment 1.0 and classified as problematic. This issue affects the function cn_update of the file /_parse/_all_edits.php. The manipulation of the argument cname leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

[CVE-2024-12980] [Modified: 18-02-2025] [Analyzed] [V3.1 S4.3:MEDIUM] A vulnerability was found in code-projects Job Recruitment 1.0. It has been classified as problematic. Affected is the function fln_update of the file /_parse/_all_edits.php. The manipulation of the argument fname/lname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

[CVE-2024-56519] [Modified: 21-04-2025] [Analyzed] [V3.1 S7.5:HIGH] An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute.

[CVE-2024-56521] [Modified: 21-04-2025] [Analyzed] [V3.1 S9.8:CRITICAL] An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely.

[CVE-2024-56522] [Modified: 17-04-2025] [Analyzed] [V3.1 S7.5:HIGH] An issue was discovered in TCPDF before 6.8.0. unserializeTCPDFtag uses != (aka loose comparison) and does not use a constant-time function to compare TCPDF tag hashes.

[CVE-2024-12981] [Modified: 05-03-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A vulnerability was found in CodeAstro Car Rental System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /bookingconfirm.php. The manipulation of the argument driver_id_from_dropdown leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

[CVE-2024-12982] [Modified: 03-04-2025] [Analyzed] [V3.1 S2.4:LOW] A vulnerability was found in PHPGurukul Blood Bank & Donor Management System 2.4. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /bbdms/admin/update-contactinfo.php. The manipulation of the argument Address leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

[CVE-2024-56527] [Modified: 17-04-2025] [Analyzed] [V3.1 S7.5:HIGH] An issue was discovered in TCPDF before 6.8.0. The Error function lacks an htmlspecialchars call for the error message.

[CVE-2024-12983] [Modified: 28-03-2025] [Analyzed] [V3.1 S2.4:LOW] A vulnerability classified as problematic has been found in code-projects Hospital Management System 1.0. This affects an unknown part of the file /hospital/hms/admin/manage-doctors.php of the component Edit Doctor Details Page. The manipulation of the argument Doctor Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

[CVE-2020-1818] [Modified: 10-01-2025] [Analyzed] [V3.1 S3.7:LOW] There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.

[CVE-2020-1819] [Modified: 10-01-2025] [Analyzed] [V3.1 S3.7:LOW] There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.

[CVE-2020-9080] [Modified: 10-01-2025] [Analyzed] [V3.1 S7.8:HIGH] There is an improper privilege management vulnerability in Huawei smart phone product. A local, authenticated attacker could craft a specific input to exploit this vulnerability. Successful exploitation may lead to local privilege escalation. (Vulnerability ID: HWPSIRT-2020-05272) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9080.

[CVE-2020-9081] [Modified: 10-01-2025] [Analyzed] [V3.1 S3.5:LOW] There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081.

[CVE-2020-9082] [Modified: 14-01-2025] [Analyzed] [V3.1 S3.5:LOW] There is an information disclosure vulnerability in several smartphones. The system has a logic judging error under certain scenario, the attacker should gain the permit to execute commands in ADB mode and then do a series of operation on the phone. Successful exploit could allow the attacker to gain certain information from certain apps locked by Applock. (Vulnerability ID: HWPSIRT-2019-07112) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9082.

[CVE-2020-9085] [Modified: 13-01-2025] [Analyzed] [V3.1 S5.3:MEDIUM] There is a NULL pointer dereference vulnerability in some Huawei products. An attacker may send specially crafted POST messages to the affected products. Due to insufficient validation of some parameter in the message, successful exploit may cause some process abnormal. (Vulnerability ID: HWPSIRT-2017-10105) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9085.

[CVE-2020-9086] [Modified: 13-01-2025] [Analyzed] [V3.1 S4.3:MEDIUM] There is a buffer error vulnerability in some Huawei product. An unauthenticated attacker may send special UPNP message to the affected products. Due to insufficient input validation of some value, successful exploit may cause some service abnormal. (Vulnerability ID: HWPSIRT-2017-08234) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9086.

[CVE-2020-9089] [Modified: 13-01-2025] [Analyzed] [V3.1 S3.3:LOW] There is an information vulnerability in Huawei smartphones. A function in a module can be called without verifying the caller's access. Attackers with user access can exploit this vulnerability to obtain some information. This can lead to information leak. (Vulnerability ID: HWPSIRT-2019-12141) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9089.

[CVE-2020-9210] [Modified: 13-01-2025] [Analyzed] [V3.1 S6.8:MEDIUM] There is an insufficient integrity vulnerability in Huawei products. A module does not perform sufficient integrity check in a specific scenario. Attackers can exploit the vulnerability by physically install malware. This could compromise normal service of the affected device. (Vulnerability ID: HWPSIRT-2020-00145) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9210.