[02/03/2026 06:21] Guerra do Irã: o que aconteceu até agora no quarto dia de conflito — novos ataques de Israel e relação EUA-Reino Unido abalada - BBC

[03/03/2026 05:00] Fim da escala 6x1 pode fechar até 1,2 milhão de vagas de emprego, afirma estudo - Revista Oeste

[03/03/2026 04:01] Lula se encontra com Alckmin e Haddad nesta terça em SP e pode bater martelo sobre candidaturas - G1

[03/03/2026 02:00] A sinalização de Alcolumbre sobre anular a quebra do sigilo de Lulinha - Metrópoles

[02/03/2026 21:32] Embaixador não diz por que Irã tem 409 kg de urânio enriquecido - Poder360

[02/03/2026 11:24] Celso Amorim diz que Brasil deve 'se preparar para o pior' em meio à escalada no Oriente Médio - Correio Braziliense

[02/03/2026 22:18] Com Exército sob pressão, Comandante convoca recrutas a resgatar orgulho da instituição - Revista Sociedade Militar

[02/03/2026 20:30] Lula vai defender diálogo entre EUA e Irã e pode se oferecer como mediador do conflito no Oriente Médio - Brasil 247

[02/03/2026 19:02] Redução da maioridade penal está mantida na PEC da Segurança, diz relator - Correio Braziliense

[02/03/2026 06:00] Compare os públicos de atos da esquerda e da direita desde 2024 - Poder360

[CVE-2024-51317] [Modified: 05-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] An issue in NetSurf v.3.11 allows a remote attacker to execute arbitrary code via the dom_node_normalize function

[CVE-2025-29699] [Modified: 05-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] NetSurf 3.11 is vulnerable to Use After Free in dom_node_set_text_content function.

[CVE-2025-45663] [Modified: 05-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a dom_event structure.

[CVE-2025-63442] [Modified: 05-11-2025] [Analyzed] [V3.1 S4.6:MEDIUM] Simple User Management System with PHP-MySQL v1.0 is vulnerable to Cross-Site Scripting (XSS) via the Profile Section. The system fails to properly sanitize user input, allowing attackers to inject and execute arbitrary JavaScript when the input is displayed in the browser

[CVE-2025-63443] [Modified: 03-02-2026] [Analyzed] [V3.1 S5.4:MEDIUM] School Management System PHP v1.0 is vulnerable to Cross Site Scripting (XSS) in /login.php via the password parameter.

[CVE-2025-11761] [Modified: 21-01-2026] [Analyzed] [V3.1 S7.8:HIGH] A potential security vulnerability has been identified in the HP Client Management Script Library software, which might allow escalation of privilege during the installation process. HP is releasing software updates to mitigate the potential vulnerability.

[CVE-2025-36091] [Modified: 05-11-2025] [Analyzed] [V3.1 S4.3:MEDIUM] IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause dashboards to become inaccessible to legitimate users due to invalid ownership assignment.

[CVE-2025-36092] [Modified: 05-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause a denial of service due to the improper validation of input length.

[CVE-2025-36093] [Modified: 05-11-2025] [Analyzed] [V3.1 S4.8:MEDIUM] IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an attacker to access unauthorized content or perform unauthorized actions using man in the middle techniques due to improper access controls.

[CVE-2025-60503] [Modified: 03-02-2026] [Analyzed] [V3.1 S8.7:HIGH] A cross-site scripting (XSS) vulnerability exists in the administrative interface of ultimatefosters UltimatePOS 4.8 where input submitted in the purchase functionality is reflected without proper escaping in the admin log panel page in the 'reference No.' field. This flaw allows an authenticated attacker to execute arbitrary JavaScript in the context of an administrator's browser session, which could lead to session hijacking or other malicious actions.

[CVE-2025-60785] [Modified: 04-02-2026] [Analyzed] [V3.1 S8.8:HIGH] A remote code execution (RCE) vulnerability in the Postgres Drivers component of iceScrum v7.54 Pro On-prem allows attackers to execute arbitrary code via a crafted HTML page.

[CVE-2025-63446] [Modified: 10-11-2025] [Analyzed] [V3.1 S6.1:MEDIUM] Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /add_vendor.php.

[CVE-2025-63447] [Modified: 07-11-2025] [Analyzed] [V3.1 S6.1:MEDIUM] Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /add_customer.php.

[CVE-2025-63448] [Modified: 07-11-2025] [Analyzed] [V3.1 S6.1:MEDIUM] Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /edit_product.php?id=1.

[CVE-2025-63449] [Modified: 07-11-2025] [Analyzed] [V3.1 S5.4:MEDIUM] Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /orders.php.

[CVE-2025-63450] [Modified: 07-11-2025] [Analyzed] [V3.1 S5.4:MEDIUM] Car-Booking-System-PHP v.1.0 is vulnerable to Cross Site Scripting (XSS) in /carlux/booking.php.

[CVE-2025-63451] [Modified: 07-11-2025] [Analyzed] [V3.1 S9.8:CRITICAL] Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/sign-in.php.

[CVE-2025-63452] [Modified: 07-11-2025] [Analyzed] [V3.1 S9.4:CRITICAL] Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/forgot-pass.php.

[CVE-2025-63453] [Modified: 07-11-2025] [Analyzed] [V3.1 S9.8:CRITICAL] Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/contact.php.

[CVE-2025-10280] [Modified: 12-11-2025] [Analyzed] [V3.1 S7.1:HIGH] IdentityIQ 8.5, IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p4, IdentityIQ 8.3 and all 8.3 patch levels including 8.3p5, and all prior versions allows some IdentityIQ web services that provide non-HTML content to be accessed via a URL path that will set the Content-Type to HTML allowing a requesting browser to interpret content not properly escaped to prevent Cross-Site Scripting (XSS).