fweno.onefour.com.br

Current Conditions
São Paulo
nublado

18 ℃
86%
Temperatura
Umidade
Fonte: OpenWeatherMap. - 22:30:01
  1. [USD] USD 78,194.49
  1. [BRL] BRL 389,963.76 [USD] USD 78,194.49 [GBP] GBP 57,908.73 [EUR] EUR 66,777.55
    Price index provided by blockchain.info.
  2. Bitcoin Core version 31.0 is now available for download. See the release notes for more information about the bug fixes in this release.
    If you have any questions, please stop by the #bitcoin IRC chatroom (IRC, web) and we’ll do our best to help you.

dog - 22:41:17 up 215 days, 7:12, 4 users, load average: 0.01, 0.00, 0.00

Google News

[22/04/2026 17:03] CCJ da Câmara dá aval à proposta que acaba com a escala 6x1 - G1

[22/04/2026 20:57] Lula parabeniza diretor da PF por revogar credenciais de agente dos EUA - CNN Brasil

[22/04/2026 15:23] Modelo é encontrada morta em prédio no RJ e namorado é preso - Estado de Minas

[22/04/2026 12:35] Toffoli se declara suspeito para julgar prisão do ex-presidente do BRB - Correio Braziliense

[22/04/2026 10:11] 'Eles mataram o meu irmão': mulher encontra cápsulas no chão e contesta versão da PM após morte em abordagem na Pavuna - O GLOBO

[22/04/2026 18:20] Mendonça pede vista e suspende julgamento no STF sobre Eduardo Bolsonaro - CNN Brasil

[22/04/2026 18:15] Oposição pede impeachment de Gilmar Mendes por propor inclusão de Zema em inquérito das fake news - Estadão

[22/04/2026 16:52] MEC Livros ultrapassa meio milhão de usuários em pouco mais de duas semanas de funcionamento - Brasil 247

[22/04/2026 18:05] Oposição protocola pedido de impeachment contra o Ministro da Justiça - Jovem Pan

[22/04/2026 12:24] Corpo encontrado na Praia do Leblon é de advogada desaparecida no mar no sábado - O GLOBO

NVD Feed

[CVE-2025-45493] [Modified: 05-01-2026] [Analyzed] [V3.1 S6.5:MEDIUM] Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the iface parameter in the action_bandwidth function.

[CVE-2025-50526] [Modified: 02-01-2026] [Analyzed] [V3.1 S9.8:CRITICAL] Netgear EX8000 V1.0.0.126 was discovered to contain a command injection vulnerability via the switch_status function.

[CVE-2025-65865] [Modified: 06-01-2026] [Analyzed] [V3.1 S7.5:HIGH] An integer overflow in eProsima Fast-DDS v3.3 allows attackers to cause a Denial of Service (DoS) via a crafted input.

[CVE-2025-67108] [Modified: 02-01-2026] [Analyzed] [V3.1 S10.0:CRITICAL] eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections.

[CVE-2025-67109] [Modified: 06-01-2026] [Analyzed] [V3.1 S10.0:CRITICAL] Improper verification of the time certificate in Eclipse Cyclone DDS before v0.10.5 allows attackers to bypass certificate checks and execute commands with System privileges.

[CVE-2025-67111] [Modified: 06-01-2026] [Analyzed] [V3.1 S7.5:HIGH] An integer overflow in the RTPS protocol implementation of OpenDDS DDS before v3.33.0 allows attackers to cause a Denial of Service (DoS) via a crafted message.

[CVE-2024-57521] [Modified: 06-01-2026] [Analyzed] [V3.1 S10.0:CRITICAL] SQL Injection vulnerability in RuoYi v.4.7.9 and before allows a remote attacker to execute arbitrary code via the createTable function in SqlUtil.java.

[CVE-2025-29228] [Modified: 06-01-2026] [Analyzed] [V3.1 S9.8:CRITICAL] Linksys E5600 V1.1.0.26 is vulnerable to command injection in the runtime.macClone function via the mc.ip parameter.

[CVE-2025-29229] [Modified: 06-01-2026] [Analyzed] [V3.1 S9.8:CRITICAL] linksys E5600 V1.1.0.26 is vulnerable to command injection in the function ddnsStatus.

[CVE-2025-33222] [Modified: 15-01-2026] [Analyzed] [V3.1 S9.8:CRITICAL] NVIDIA Isaac Launchable contains a vulnerability where an attacker could exploit a hard-coded credential issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, and data tampering.

[CVE-2025-33223] [Modified: 15-01-2026] [Analyzed] [V3.1 S9.8:CRITICAL] NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause an execution with unnecessary privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, information disclosure and data tampering.

[CVE-2025-33224] [Modified: 15-01-2026] [Analyzed] [V3.1 S9.8:CRITICAL] NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause an execution with unnecessary privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, information disclosure and data tampering.

[CVE-2025-65410] [Modified: 06-01-2026] [Analyzed] [V3.1 S6.2:MEDIUM] A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted input into the filename parameter.

[CVE-2025-65713] [Modified: 06-01-2026] [Analyzed] [V3.1 S4.0:MEDIUM] Home Assistant Core before v2025.8.0 is vulnerable to Directory Traversal. The Downloader integration does not fully validate file paths during concatenation, leaving a path traversal vulnerability.

[CVE-2025-51511] [Modified: 06-01-2026] [Analyzed] [V3.1 S9.8:CRITICAL] Cadmium CMS v.0.4.9 has a background arbitrary file upload vulnerability in /admin/content/filemanager/uploads.

[CVE-2025-25364] [Modified: 06-01-2026] [Analyzed] [V3.1 S8.4:HIGH] A command injection vulnerability in the me.connectify.SMJobBlessHelper XPC service of Speedify VPN up to v15.0.0 allows attackers to execute arbitrary commands with root-level privileges.

[CVE-2021-47716] [Modified: 31-12-2025] [Analyzed] [V3.1 S5.4:MEDIUM] Orangescrum 1.8.0 contains multiple cross-site scripting vulnerabilities that allow authenticated attackers to inject malicious scripts through various input parameters. Attackers can exploit parameters like 'projid', 'CS_message', and 'name' to execute arbitrary JavaScript code in victim's browsers by submitting crafted payloads through application endpoints.

[CVE-2021-47720] [Modified: 31-12-2025] [Analyzed] [V3.1 S7.1:HIGH] Orangescrum 1.8.0 contains an authenticated SQL injection vulnerability that allows authorized users to manipulate database queries through multiple vulnerable parameters. Attackers can inject malicious SQL code into parameters like old_project_id, project_id, uuid, and uniqid to potentially extract or modify database information.

[CVE-2021-47721] [Modified: 31-12-2025] [Analyzed] [V3.1 S8.8:HIGH] Orangescrum 1.8.0 contains a privilege escalation vulnerability that allows authenticated users to take over other project-assigned accounts by manipulating session cookies. Attackers can extract the victim's unique ID from the page source and replace their own session cookie to gain unauthorized access to another user's account.

[CVE-2021-47733] [Modified: 31-12-2025] [Analyzed] [V3.1 S6.1:MEDIUM] CMSimple 5.4 contains a cross-site scripting vulnerability that allows attackers to bypass input filtering by using HTML to Unicode encoding. Attackers can inject malicious scripts by encoding payloads like ')-alert(1)// and execute arbitrary JavaScript when victims interact with delete buttons.

 
Amazon AWS httpd php.net Lets Encrypt Bootstrap