fweno.onefour.com.br

Current Conditions
São Paulo
nublado

17 ℃
96%
Temperatura
Umidade
Fonte: OpenWeatherMap. - 01:00:02
  1. [USD] USD 76,590.41
  1. [BRL] BRL 383,855.83 [USD] USD 76,590.41 [GBP] GBP 56,784.36 [EUR] EUR 65,827.32
    Price index provided by blockchain.info.
  2. After Bitcoin Core 0.14.0 and before Bitcoin Core 29.0, validating a specially-crafted block may cause the node to access previously freed memory.
    During validation, necessary data required for checking inputs for each transaction is pre-calculated and cached. For specially crafted invalid blocks, it was possible for this data to be destroyed while it was still being accessed by a background validation thread. An attacker capable of mining a block with sufficient proof-of-work could have exploited this to crash victim nodes. Because of the nature of use-after-free bugs, it is possible that the crash could have been used for remote code execution, though constraints on the input (block) data make this unlikely.
    This issue is considered High severity.

    Details

    By default, script validation for new blocks is dispatched to background threads via a vector of CScriptCheck functors. Each CScriptCheck holds a pointer to a PrecomputedTransactionData object which stores some data needed by each input in the transaction. Because it stores a pointer and not the data itself, care must be taken to ensure that the PrecomputedTransactionData outlives the CScriptCheck.
    The script checks lifetime is enforced by an RAII class, CCheckQueueControl. However, the control is intantiated before the precomputed transaction data. Because local objects in C++ are destructed in reverse order of construction, this means the vector of PrecomputedTransactionData is destroyed before the CCheckQueueControl.
    This is not an issue when the block is valid, as CCheckQueueControl::Wait() will be called before the function returns and the PrecomputedTransactionData gets destroyed. However, in case of an early return (when a separate check fails) a background script thread may read the precomputed transaction data after it was destroyed. An attacker could exploit this to crash victim nodes at the expense of a valid PoW at tip.

    Attribution

    Cory Fields (MIT DCI) discovered this vulnerability and responsibly disclosed it in a detailed report containing a proof of concept for reproduction and a proposed mitigation.

    Timeline

    • 2024-11-02 Cory Fields privately reports the bug
    • 2024-11-06 Pieter Wuille pushes a covert fix to already open PR #31112 which works around the issue by removing the early returns
    • 2024-12-03 PR #31112 is merged
    • 2025-04-12 Bitcoin Core version 29.0 is released with a fix
    • 2026-04-19 The last vulnerable Bitcoin Core version (28.x) goes end of life
    • 2026-05-05 Public disclosure.

dog - 01:25:25 up 248 days, 9:56, 3 users, load average: 0.11, 0.03, 0.01

Google News

[25/05/2026 22:13] Deputado pede vista e votação da PEC 6x1 é adiada - CNN Brasil

[25/05/2026 09:47] Lula x Flávio: Como votam católicos e evangélicos, segundo nova pesquisa - CartaCapital

[25/05/2026 15:01] Evo Morales incita protestos na Bolívia e cobra novas eleições - Revista Oeste

[25/05/2026 20:33] Lula passará por 15 sessões de radioterapia preventiva - Poder360

[25/05/2026 16:50] Morte de fisiculturista Gabriel Ganley é investigada: veja o que se sabe até agora - O GLOBO

[25/05/2026 15:38] STF discute com AGU e MJ saída jurídica para responder notificação dos EUA a Moraes - Estadão

[25/05/2026 07:31] Polícia apreende máquina de contar dinheiro e caixa com R$ 50 mil em nome de 'Dra. Deolane' durante operação contra esquema do PCC - O GLOBO

[25/05/2026 16:19] Quem votar em Flávio entregará a eleição para Lula, diz Zema - Poder360

[25/05/2026 21:17] Moradores relatam tremor em São Paulo após registro de terremoto no Chile - R7

[25/05/2026 19:13] Ciclone vai mexer com o tempo no Sul e no Sudeste; veja a trajetória - MetSul Meteorologia

NVD Feed

[CVE-2026-1410] [Modified: 29-04-2026] [Analyzed] [V3.1 S6.4:MEDIUM] A vulnerability was detected in Beetel 777VR1 up to 01.00.09/01.00.09_55. Impacted is an unknown function of the component UART Interface. The manipulation results in missing authentication. An attack on the physical device is feasible. This attack is characterized by high complexity. The exploitability is considered difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-1411] [Modified: 29-04-2026] [Analyzed] [V3.1 S6.1:MEDIUM] A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.09_55. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high. The exploitability is described as difficult. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-1412] [Modified: 29-04-2026] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability has been found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. The impacted element is an unknown function of the file /fort/audit/get_clip_img of the component HTTP POST Request Handler. Such manipulation of the argument frame/dirno leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

[CVE-2026-1413] [Modified: 29-04-2026] [Analyzed] [V3.1 S6.3:MEDIUM] A vulnerability was found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This affects the function portValidate of the file /fort/ip_and_port/port_validate of the component HTTP POST Request Handler. Performing a manipulation of the argument port results in command injection. The attack can be initiated remotely. The exploit has been made public and could be used.

[CVE-2026-1414] [Modified: 29-04-2026] [Analyzed] [V3.1 S6.3:MEDIUM] A vulnerability was determined in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This impacts the function getInformation of the file /equipment/get_Information of the component HTTP POST Request Handler. Executing a manipulation of the argument fortEquipmentIp can lead to command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.

[CVE-2026-1419] [Modified: 29-04-2026] [Analyzed] [V3.1 S4.7:MEDIUM] A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.

[CVE-2026-1420] [Modified: 28-01-2026] [Analyzed] [V3.1 S8.8:HIGH] A flaw has been found in Tenda AC23 16.03.07.52. This impacts an unknown function of the file /goform/WifiExtraSet. This manipulation of the argument wpapsk_crypto causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used.

[CVE-2026-1421] [Modified: 29-04-2026] [Analyzed] [V3.1 S3.5:LOW] A vulnerability has been found in code-projects Online Examination System 1.0. Affected is an unknown function of the component Add Pages. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.

[CVE-2026-1422] [Modified: 29-04-2026] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was found in code-projects Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login Page. Performing a manipulation of the argument User results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used.

[CVE-2026-1423] [Modified: 29-04-2026] [Analyzed] [V3.1 S6.3:MEDIUM] A vulnerability was determined in code-projects Online Examination System 1.0. Affected by this issue is some unknown functionality of the file /admin_pic.php. Executing a manipulation can lead to unrestricted upload. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.

[CVE-2026-1424] [Modified: 29-04-2026] [Analyzed] [V3.1 S4.7:MEDIUM] A vulnerability was identified in PHPGurukul News Portal 1.0. This affects an unknown part of the component Profile Pic Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.

[CVE-2026-1427] [Modified: 11-03-2026] [Analyzed] [V3.1 S8.8:HIGH] Single Sign-On Portal System developed by WellChoose has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.

[CVE-2026-1428] [Modified: 11-03-2026] [Analyzed] [V3.1 S8.8:HIGH] Single Sign-On Portal System developed by WellChoose has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.

[CVE-2026-1429] [Modified: 11-03-2026] [Analyzed] [V3.1 S5.4:MEDIUM] Single Sign-On Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing authenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.

[CVE-2025-27821] [Modified: 27-01-2026] [Analyzed] [V3.1 S7.3:HIGH] Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue.

[CVE-2025-59106] [Modified: 12-02-2026] [Analyzed] [V3.1 S8.8:HIGH] The binary serving the web server and executing basically all actions launched from the Web UI is running with root privileges. This is against the least privilege principle. If an attacker is able to execute code on the system via other vulnerabilities it is possible to directly execute commands with highest privileges.

[CVE-2026-24656] [Modified: 27-01-2026] [Analyzed] [V3.1 S3.7:LOW] Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to deserialization of untrusted data, eventually causing DoS. NB: Decanter log socket collector is not installed by default. Users who have not installed Decanter log socket are not impacted by this issue. This issue affects Apache Karaf Decanter before 2.12.0. Users are recommended to upgrade to version 2.12.0, which fixes the issue.

[CVE-2016-15057] [Modified: 27-01-2026] [Analyzed] [V3.1 S9.9:CRITICAL] ** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Continuum. This issue affects Apache Continuum: all versions. Attackers with access to the installations REST API can use this to invoke arbitrary commands on the server. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

[CVE-2025-50537] [Modified: 04-02-2026] [Analyzed] [V3.1 S5.5:MEDIUM] Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is triggered via the RuleTester.run() method, which validates test cases and checks for duplicates. During validation, the internal function checkDuplicateTestCase() is called, which in turn uses the isSerializable() function for serialization checks. When a circular reference object is passed in, isSerializable() enters infinite recursion, ultimately causing a stack overflow.

[CVE-2025-67274] [Modified: 12-02-2026] [Analyzed] [V3.1 S7.5:HIGH] An issue in continuous.software aangine v.2025.2 allows a remote attacker to obtain sensitive information via the excel-integration-service template download module, integration-persistence-service job listing module, portfolio-item-service data retrieval module endpoints

 
Amazon AWS httpd php.net Lets Encrypt Bootstrap