  2. Disclosure of the details of a bug on 32-bit systems which may, in a rare edge case, cause the node to crash when receiving a pathological block. This bug would be extremely hard to exploit. A fix was released on October 10th 2025 in Bitcoin Core v30.0.
    This issue is considered Low severity.

    Details

    Before writing a block to disk, Bitcoin Core checks that its size is within a normal range. This check would overflow on 32-bit systems for blocks over 1GB, and make the node crash when writing it to disk. Such a block cannot be sent using the BLOCK message, but could in theory be sent as a compact block if the victim node has a non-default large mempool which already contains 1GB of transactions. This would require the victim to have set their -maxmempool option to a value greater than 3GB, while 32-bit systems may have at most 4GiB of memory.
    This issue was indirectly prevented by capping the maximum value of the -maxmempool setting on 32-bit systems.

    Attribution

    Pieter Wuille discovered this bug and disclosed it responsibly.
    Antoine Poinsot proposed and implemented a covert mitigation.

    Timeline

    • 2025-04-24 - Pieter Wuille reports the issue
    • 2025-05-16 - Antoine Poinsot opens PR #32530 with a covert fix
    • 2025-06-26 - PR #32530 is merged into master
    • 2025-09-04 - Version 29.1 is released with the fix
    • 2025-10-10 - Version 30.0 is released with the fix
    • 2025-10-24 - Public Disclosure
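
The 32-bit overflow described under Details, as an added illustration that is not Bitcoin Core's code: a size range check whose intermediate value is computed in 32 bits gives the wrong answer once the input passes 1 GiB, beside two overflow-safe forms. The advisory does not show the real check, so `SCALE`, `MAX_SCALED_SIZE` and the function names are hypothetical, and the crash path itself is not modelled.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical constants: the advisory does not publish the real check. */
#define SCALE 4u                 /* constructed so 32-bit wrap starts just past 1 GiB */
#define MAX_SCALED_SIZE 4000000u /* constructed upper bound, in scaled units */

typedef uint32_t size32_t; /* stands in for size_t on a 32-bit build */

/* Unsafe: the product is computed in 32 bits and wraps modulo 2^32,
 * so a size above 1 GiB can look like a small, in-range value. */
bool size_ok_wrapping(size32_t block_size) {
    size32_t scaled = block_size * SCALE;
    return scaled <= MAX_SCALED_SIZE;
}

/* Safe: divide the limit instead of multiplying the input,
 * so no intermediate value can exceed the type. */
bool size_ok_checked(size32_t block_size) {
    return block_size <= MAX_SCALED_SIZE / SCALE;
}

/* Safe: widen to 64 bits before multiplying. */
bool size_ok_widened(size32_t block_size) {
    return (uint64_t)block_size * SCALE <= MAX_SCALED_SIZE;
}

int main(void) {
    /* Constructed sample sizes: in range, just out of range, just over 1 GiB. */
    const size32_t samples[] = {1000000u, 1000001u, (1u << 30) + 100u};
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        printf("size=%" PRIu32 " wrapping=%d checked=%d widened=%d\n",
               samples[i],
               size_ok_wrapping(samples[i]),
               size_ok_checked(samples[i]),
               size_ok_widened(samples[i]));
    }
    return 0;
}
```

Only the last sample separates the three functions: the wrapping check accepts it, while both safe forms reject it.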

[CVE-2025-50490] [Modified: 29-07-2025] [Analyzed] [V3.1 S7.5:HIGH] Improper session invalidation in the component /elms/emp-changepassword.php of PHPGurukul Student Result Management System v2.0 allows attackers to execute a session hijacking attack.

[CVE-2025-50493] [Modified: 29-07-2025] [Analyzed] [V3.1 S7.5:HIGH] Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Doctor Appointment Management System v1 allows attackers to execute a session hijacking attack.

[CVE-2025-50494] [Modified: 29-07-2025] [Analyzed] [V3.1 S7.5:HIGH] Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Car Washing Management System v1.0 allows attackers to execute a session hijacking attack.

[CVE-2025-54528] [Modified: 31-07-2025] [Analyzed] [V3.1 S5.4:MEDIUM] In JetBrains TeamCity before 2025.07 a CSRF was possible in GitHub App connection flow

[CVE-2025-54529] [Modified: 31-07-2025] [Analyzed] [V3.1 S3.7:LOW] In JetBrains TeamCity before 2025.07 a CSRF was possible in external OAuth login integration

[CVE-2025-54530] [Modified: 31-07-2025] [Analyzed] [V3.1 S7.5:HIGH] In JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory permissions

[CVE-2025-54531] [Modified: 31-07-2025] [Analyzed] [V3.1 S7.7:HIGH] In JetBrains TeamCity before 2025.07 path traversal was possible via plugin unpacking on Windows

[CVE-2025-54532] [Modified: 29-07-2025] [Analyzed] [V3.1 S4.3:MEDIUM] In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via snapshot dependencies

[CVE-2025-54533] [Modified: 29-07-2025] [Analyzed] [V3.1 S4.3:MEDIUM] In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via VCS configuration

[CVE-2025-54534] [Modified: 29-07-2025] [Analyzed] [V3.1 S4.8:MEDIUM] In JetBrains TeamCity before 2025.07 reflected XSS was possible on the agentpushPreset page

[CVE-2025-54535] [Modified: 29-07-2025] [Analyzed] [V3.1 S5.8:MEDIUM] In JetBrains TeamCity before 2025.07 password reset and email verification tokens were using weak hashing algorithms

[CVE-2025-54536] [Modified: 31-07-2025] [Analyzed] [V3.1 S5.4:MEDIUM] In JetBrains TeamCity before 2025.07 a CSRF was possible on GraphQL endpoint

[CVE-2025-54537] [Modified: 29-07-2025] [Analyzed] [V3.1 S5.5:MEDIUM] In JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshots

[CVE-2025-54538] [Modified: 29-07-2025] [Analyzed] [V3.1 S5.5:MEDIUM] In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg pull" command

[CVE-2025-50488] [Modified: 29-07-2025] [Analyzed] [V3.1 S7.1:HIGH] Improper session invalidation in the component /library/change-password.php of PHPGurukul Online Library Management System v3.0 allows attackers to execute a session hijacking attack.

[CVE-2025-50489] [Modified: 29-07-2025] [Analyzed] [V3.1 S7.5:HIGH] Improper session invalidation in the component /srms/change-password.php of PHPGurukul Student Result Management System v2.0 allows attackers to execute a session hijacking attack.

[CVE-2025-50491] [Modified: 29-07-2025] [Analyzed] [V3.1 S7.1:HIGH] Improper session invalidation in the component /banker/change-password.php of PHPGurukul Bank Locker Management System v1 allows attackers to execute a session hijacking attack.

[CVE-2025-50492] [Modified: 29-07-2025] [Analyzed] [V3.1 S7.5:HIGH] Improper session invalidation in the component /edms/change-password.php of PHPGurukul e-Diary Management System v1 allows attackers to execute a session hijacking attack.

[CVE-2025-50484] [Modified: 07-08-2025] [Analyzed] [V3.1 S7.1:HIGH] Improper session invalidation in the component /crm/change-password.php of PHPGurukul Small CRM v3.0 allows attackers to execute a session hijacking attack.

[CVE-2025-50487] [Modified: 29-07-2025] [Analyzed] [V3.1 S7.1:HIGH] Improper session invalidation in the component /bbdms/change-password.php of PHPGurukul Blood Bank & Donor Management System v2.4 allows attackers to execute a session hijacking attack.