[10/03/2026 22:00] Moraes autoriza visita de assessor de Trump a Bolsonaro na prisão - CNN Brasil

[10/03/2026 19:42] Trump ameaça Irã após relatos de minas no estreito de Ormuz - Poder360

[11/03/2026 05:48] Brasileira conta como foi aliciada para Epstein em São Paulo por US$ 10 mil - BBC

[10/03/2026 16:05] Irã diz ter atacado com drones centro militar e de inteligência de Israel - UOL Notícias

[11/03/2026 00:01] STF não encontra saída para maior crise de credibilidade da sua história - Diário do Poder - Diário do Poder

[10/03/2026 06:34] Vorcaro teve acesso antecipado a investigações sigilosas do MPF sobre o Master - Brasil 247

[10/03/2026 18:42] PCC e CV: a nova declaração do governo Trump que preocupa Lula - BBC

[11/03/2026 07:01] Meio/Ideia: em 2º turno, Lula tem empate com Flávio ou Tarcísio - CNN Brasil

[10/03/2026 06:23] CPMI do INSS recebeu apenas 0,25% dos dados sobre Vorcaro que estavam com Alcolumbre - ICL Notícias

[10/03/2026 15:34] Tenente-coronel foi proibido de entrar no prédio onde esposa PM foi achada morta - O Globo

[CVE-2017-20210] [Modified: 14-11-2025] [Analyzed] [V3.1 S9.8:CRITICAL] Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR mining programs identified by internal research.

[CVE-2025-7430] [Modified: 21-11-2025] [Analyzed] [V3.1 S7.3:HIGH] Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report.

[CVE-2025-7632] [Modified: 21-11-2025] [Analyzed] [V3.1 S7.3:HIGH] Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Public Folders report.

[CVE-2025-7633] [Modified: 24-11-2025] [Analyzed] [V3.1 S7.3:HIGH] Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Custom report.

[CVE-2025-41101] [Modified: 17-11-2025] [Analyzed] [V3.1 S5.4:MEDIUM] HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in'/projects/save'.

[CVE-2025-41102] [Modified: 17-11-2025] [Analyzed] [V3.1 S5.4:MEDIUM] HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in '/events/save'.

[CVE-2025-41103] [Modified: 17-11-2025] [Analyzed] [V3.1 S5.4:MEDIUM] HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'reply_message' in '/messages/reply'.

[CVE-2025-41104] [Modified: 17-11-2025] [Analyzed] [V3.1 S5.4:MEDIUM] HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'custom_field_1' in '/estimate_requests/save_estimate_request'.

[CVE-2025-41105] [Modified: 17-11-2025] [Analyzed] [V3.1 S5.4:MEDIUM] HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in '/tickets/save'.

[CVE-2025-41106] [Modified: 17-11-2025] [Analyzed] [V3.1 S5.4:MEDIUM] HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'first_name' in '/clients/save_contact/'.

[CVE-2024-57695] [Modified: 02-01-2026] [Analyzed] [V3.1 S7.7:HIGH] An issue in Agnitum Outpost Security Suite 7.5.3 (3942.608.1810) and 7.6 (3984.693.1842) allows a local attacker to execute arbitrary code via the lock function. The manufacturer fixed the vulnerability in version 8.0 (4164.652.1856) from December 17, 2012.

[CVE-2025-10918] [Modified: 17-11-2025] [Analyzed] [V3.1 S7.1:HIGH] Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write arbitrary files anywhere on disk

[CVE-2025-12940] [Modified: 08-12-2025] [Analyzed] [V3.1 S5.5:MEDIUM] Login credentials are inadvertently recorded in logs if a Syslog Server is configured in NETGEAR WAX610 and WAX610Y (AX1800 Dual Band PoE Multi-Gig Insight Managed WiFi 6 Access Points). An user having access to the syslog server can read the logs containing these credentials.  This issue affects WAX610: before 10.8.11.4; WAX610Y: before 10.8.11.4. Devices managed with Insight get automatic updates. If not, please check the firmware version and update to the latest. Fixed in: WAX610 firmware 11.8.0.10 or later. WAX610Y firmware 11.8.0.10 or later.

[CVE-2025-12942] [Modified: 08-12-2025] [Analyzed] [V3.1 S7.5:HIGH] Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86.

[CVE-2025-12943] [Modified: 08-12-2025] [Analyzed] [V3.1 S7.5:HIGH] Improper certificate validation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream AX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band WiFi 6E Router) allows attackers with the ability to intercept and tamper traffic destined to the device to execute arbitrary commands on the device. Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update to the latest. Fixed in: RAX30 firmware 1.0.14.108 or later. RAXE300 firmware 1.0.9.82 or later

[CVE-2025-12944] [Modified: 08-12-2025] [Analyzed] [V3.1 S8.8:HIGH] Improper input validation in NETGEAR DGN2200v4 (N300 Wireless ADSL2+ Modem Router) allows attackers with direct network access to the device to potentially execute code on the device. Please check the firmware version and update to the latest. Fixed in:  DGN2200v4 firmware 1.0.0.132 or later

[CVE-2025-13032] [Modified: 08-12-2025] [Analyzed] [V3.1 S9.9:CRITICAL] Double fetch in sandbox kernel driver in Avast/AVG Antivirus <25.3  on windows allows local attacker to escalate privelages via pool overflow.

[CVE-2025-20050] [Modified: 26-11-2025] [Analyzed] [V3.1 S6.7:MEDIUM] Uncontrolled search path for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

[CVE-2025-20614] [Modified: 26-11-2025] [Analyzed] [V3.1 S6.7:MEDIUM] External control of file name or path for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (low) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

[CVE-2025-23361] [Modified: 19-11-2025] [Analyzed] [V3.1 S7.8:HIGH] NVIDIA NeMo Framework for all platforms contains a vulnerability in a script, where malicious input created by an attacker may cause improper control of code generation. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.