fweno.onefour.com.br

Current Conditions
São Paulo
nuvens dispersas

15 ℃
85%
Temperatura
Umidade
Fonte: OpenWeatherMap. - 22:30:02
  1. [USD] USD 61,246.20
  1. [BRL] BRL 317,169.58 [USD] USD 61,246.20 [GBP] GBP 45,901.39 [EUR] EUR 53,151.29
    Price index provided by blockchain.info.
  2. After Bitcoin Core 0.14.0 and before Bitcoin Core 29.0, validating a specially-crafted block may cause the node to access previously freed memory.
    During validation, necessary data required for checking inputs for each transaction is pre-calculated and cached. For specially crafted invalid blocks, it was possible for this data to be destroyed while it was still being accessed by a background validation thread. An attacker capable of mining a block with sufficient proof-of-work could have exploited this to crash victim nodes. Because of the nature of use-after-free bugs, it is possible that the crash could have been used for remote code execution, though constraints on the input (block) data make this unlikely.
    This issue is considered High severity.

    Details

    By default, script validation for new blocks is dispatched to background threads via a vector of CScriptCheck functors. Each CScriptCheck holds a pointer to a PrecomputedTransactionData object which stores some data needed by each input in the transaction. Because it stores a pointer and not the data itself, care must be taken to ensure that the PrecomputedTransactionData outlives the CScriptCheck.
    The script checks lifetime is enforced by an RAII class, CCheckQueueControl. However, the control is intantiated before the precomputed transaction data. Because local objects in C++ are destructed in reverse order of construction, this means the vector of PrecomputedTransactionData is destroyed before the CCheckQueueControl.
    This is not an issue when the block is valid, as CCheckQueueControl::Wait() will be called before the function returns and the PrecomputedTransactionData gets destroyed. However, in case of an early return (when a separate check fails) a background script thread may read the precomputed transaction data after it was destroyed. An attacker could exploit this to crash victim nodes at the expense of a valid PoW at tip.

    Attribution

    Cory Fields (MIT DCI) discovered this vulnerability and responsibly disclosed it in a detailed report containing a proof of concept for reproduction and a proposed mitigation.

    Timeline

    • 2024-11-02 Cory Fields privately reports the bug
    • 2024-11-06 Pieter Wuille pushes a covert fix to already open PR #31112 which works around the issue by removing the early returns
    • 2024-12-03 PR #31112 is merged
    • 2025-04-12 Bitcoin Core version 29.0 is released with a fix
    • 2026-04-19 The last vulnerable Bitcoin Core version (28.x) goes end of life
    • 2026-05-05 Public disclosure.

dog - 22:39:31 up 259 days, 7:10, 4 users, load average: 0.00, 0.00, 0.00

Google News

[05/06/2026 14:05] Por que classificar PCC e CV como terroristas pode fortalecer facções, segundo especialista dos EUA - BBC

[05/06/2026 15:35] Lula sanciona renovação automática da CNH para bons motoristas - Correio Braziliense

[05/06/2026 18:34] Prazo de inscrições para o Enem 2026 é prorrogado; veja nova data - CNN Brasil

[05/06/2026 03:30] Falsa adolescente, mulher de 38 anos presa em Santa Catarina aplicava golpes desde 2010 - O Globo

[05/06/2026 13:50] Flávio pede a Fachin para que Moraes seja declarado suspeito de julgar caso Master - O Globo

[04/06/2026 20:50] Eduardo Bolsonaro sugere negociar Pix com EUA e cita Zelle - Poder360

[05/06/2026 17:04] Presidente do Republicanos reage após Cleitinho criticá-lo e deixar candidatura em aberto: 'Não tem segurança do que quer' - O Globo

[05/06/2026 20:20] Júri votou para dolo de mãe de Henry, mas juíza interferiu, diz promotor - CNN Brasil

[05/06/2026 12:57] Justiça manda prender jornalista perseguido sob a mira de uma arma por Carla Zambelli - CartaCapital

[05/06/2026 10:36] Juntos no palco, separados nas redes: Tarcísio ignora Flávio em postagens sobre a Marcha Para Jesus - O Globo

NVD Feed

[CVE-2026-1964] [Modified: 12-02-2026] [Analyzed] [V3.1 S4.3:MEDIUM] A vulnerability was determined in WeKan up to 8.20. This impacts an unknown function of the file models/boards.js of the component REST Endpoint. This manipulation causes improper access controls. Remote exploitation of the attack is possible. Upgrading to version 8.21 will fix this issue. Patch name: 545566f5663545d16174e0f2399f231aa693ab6e. It is advisable to upgrade the affected component.

[CVE-2026-1970] [Modified: 29-04-2026] [Analyzed] [V3.1 S3.5:LOW] A flaw has been found in Edimax BR-6258n up to 1.18. This issue affects the function formStaDrvSetup of the file /goform/formStaDrvSetup. This manipulation of the argument submit-url causes open redirect. The attack can be initiated remotely. The exploit has been published and may be used. The vendor confirms that the affected product is end-of-life. They confirm that they "will issue a consolidated Security Advisory on our official support website." This vulnerability only affects products that are no longer supported by the maintainer.

[CVE-2025-32393] [Modified: 17-02-2026] [Analyzed] [V3.1 S6.5:MEDIUM] AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.32, there is a DoS vulnerability in ReadRSSFeedBlock. In RSSBlock, feedparser.parser is called to obtain the XML file according to the URL input by the user, parse the XML, and finally obtain the parsed result. However, during the parsing process, there is no limit on the parsing time and the resources that can be allocated for parsing. When a malicious user lets RSSBlock parse a carefully constructed, deep XML, it will cause memory resources to be exhausted, eventually causing DoS. This issue has been patched in autogpt-platform-beta-v0.6.32.

[CVE-2025-68157] [Modified: 13-02-2026] [Analyzed] [V3.1 S3.7:LOW] Webpack is a module bundler. From version 5.49.0 to before 5.104.0, when experiments.buildHttp is enabled, webpack’s HTTP(S) resolver (HttpUriPlugin) enforces allowedUris only for the initial URL, but does not re-validate allowedUris after following HTTP 30x redirects. As a result, an import that appears restricted to a trusted allow-list can be redirected to HTTP(S) URLs outside the allow-list. This is a policy/allow-list bypass that enables build-time SSRF behavior (requests from the build machine to internal-only endpoints, depending on network access) and untrusted content inclusion in build outputs (redirected content is treated as module source and bundled). This issue has been patched in version 5.104.0.

[CVE-2025-68458] [Modified: 13-02-2026] [Analyzed] [V3.1 S3.7:LOW] Webpack is a module bundler. From version 5.49.0 to before 5.104.1, when experiments.buildHttp is enabled, webpack’s HTTP(S) resolver (HttpUriPlugin) can be bypassed to fetch resources from hosts outside allowedUris by using crafted URLs that include userinfo (username:password@host). If allowedUris enforcement relies on a raw string prefix check (e.g., uri.startsWith(allowed)), a URL that looks allow-listed can pass validation while the actual network request is sent to a different authority/host after URL parsing. This is a policy/allow-list bypass that enables build-time SSRF behavior (outbound requests from the build machine to internal-only endpoints, depending on network access) and untrusted content inclusion (the fetched response is treated as module source and bundled). This issue has been patched in version 5.104.1.

[CVE-2026-0391] [Modified: 18-02-2026] [Analyzed] [V3.1 S6.5:MEDIUM] User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network.

[CVE-2026-21532] [Modified: 12-02-2026] [Analyzed] [V3.1 S8.2:HIGH] Azure Function Information Disclosure Vulnerability

[CVE-2026-24300] [Modified: 12-02-2026] [Analyzed] [V3.1 S9.8:CRITICAL] Azure Front Door Elevation of Privilege Vulnerability

[CVE-2026-1971] [Modified: 29-04-2026] [Analyzed] [V3.1 S2.4:LOW] A vulnerability has been found in Edimax BR-6288ACL up to 1.12. Impacted is the function wiz_WISP24gmanual of the file wiz_WISP24gmanual.asp. Such manipulation of the argument manualssid leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor confirms that the affected product is end-of-life. They confirm that they "will issue a consolidated Security Advisory on our official support website." This vulnerability only affects products that are no longer supported by the maintainer.

[CVE-2026-1972] [Modified: 20-02-2026] [Analyzed] [V3.1 S5.3:MEDIUM] A vulnerability was found in Edimax BR-6208AC 2_1.02. The affected element is the function auth_check_userpass2. Performing a manipulation of the argument Username/Password results in use of default credentials. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor confirms that the affected product is end-of-life. They confirm that they "will issue a consolidated Security Advisory on our official support website." This vulnerability only affects products that are no longer supported by the maintainer.

[CVE-2026-1973] [Modified: 09-02-2026] [Analyzed] [V3.1 S5.3:MEDIUM] A vulnerability was determined in Free5GC up to 4.1.0. The impacted element is the function establishPfcpSession of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. It is best practice to apply a patch to resolve this issue.

[CVE-2026-1974] [Modified: 09-02-2026] [Analyzed] [V3.1 S5.3:MEDIUM] A vulnerability was identified in Free5GC up to 4.1.0. This affects the function ResolveNodeIdToIp of the file internal/sbi/processor/datapath.go of the component SMF. The manipulation leads to denial of service. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. It is recommended to apply a patch to fix this issue.

[CVE-2026-1975] [Modified: 09-02-2026] [Analyzed] [V3.1 S5.3:MEDIUM] A security flaw has been discovered in Free5GC up to 4.1.0. This impacts the function identityTriggerType of the file pfcp_reports.go. The manipulation results in null pointer dereference. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Applying a patch is advised to resolve this issue.

[CVE-2026-1976] [Modified: 09-02-2026] [Analyzed] [V3.1 S5.3:MEDIUM] A weakness has been identified in Free5GC up to 4.1.0. Affected is the function SessionDeletionResponse of the component SMF. This manipulation causes null pointer dereference. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. It is suggested to install a patch to address this issue.

[CVE-2026-1978] [Modified: 27-02-2026] [Analyzed] [V3.1 S5.3:MEDIUM] A vulnerability was detected in kalyan02 NanoCMS up to 0.4. Affected by this issue is some unknown functionality of the file /data/pagesdata.txt of the component User Information Handler. Performing a manipulation results in direct request. It is possible to initiate the attack remotely. The exploit is now public and may be used. You should change the configuration settings.

[CVE-2026-1979] [Modified: 29-04-2026] [Analyzed] [V3.1 S5.3:MEDIUM] A flaw has been found in mruby up to 3.4.0. This affects the function mrb_vm_exec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This patch is called e50f15c1c6e131fa7934355eb02b8173b13df415. It is advisable to implement a patch to correct this issue.

[CVE-2026-1991] [Modified: 29-04-2026] [Analyzed] [V3.1 S3.3:LOW] A vulnerability was detected in libuvc up to 0.0.7. Affected is the function uvc_scan_streaming of the file src/device.c of the component UVC Descriptor Handler. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

[CVE-2026-0521] [Modified: 18-02-2026] [Analyzed] [V3.1 S6.1:MEDIUM] A reflected cross-site scripting (XSS) vulnerability in the PDF export functionality of the TYDAC AG MAP+ solution allows unauthenticated attackers to craft a malicious URL, that if visited by a victim, will execute arbitrary JavaScript in the victim's context. Such a URL could be delivered through various means, for instance, by sending a link or by tricking victims to visit a page crafted by the attacker. This issue was verified in MAP+: 3.4.0.

[CVE-2026-1998] [Modified: 29-04-2026] [Analyzed] [V3.1 S3.3:LOW] A flaw has been found in micropython up to 1.27.0. This vulnerability affects the function mp_import_all of the file py/runtime.c. This manipulation causes memory corruption. The attack needs to be launched locally. The exploit has been published and may be used. Patch name: 570744d06c5ba9dba59b4c3f432ca4f0abd396b6. It is suggested to install a patch to address this issue.

[CVE-2026-2000] [Modified: 29-04-2026] [Analyzed] [V3.1 S4.7:MEDIUM] A vulnerability was found in DCN DCME-320 up to 20260121. Impacted is the function apply_config of the file /function/system/basic/bridge_cfg.php of the component Web Management Backend. Performing a manipulation of the argument ip_list results in command injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

 
Amazon AWS httpd php.net Lets Encrypt Bootstrap