fweno.onefour.com.br

Current Conditions
São Paulo
nuvens quebradas

18 ℃
79%
Temperatura
Umidade
Fonte: OpenWeatherMap. - 16:30:01
  1. [USD] USD 73,237.66
  1. [BRL] BRL 370,480.04 [USD] USD 73,237.66 [GBP] GBP 54,393.39 [EUR] EUR 62,772.15
    Price index provided by blockchain.info.
  2. After Bitcoin Core 0.14.0 and before Bitcoin Core 29.0, validating a specially-crafted block may cause the node to access previously freed memory.
    During validation, necessary data required for checking inputs for each transaction is pre-calculated and cached. For specially crafted invalid blocks, it was possible for this data to be destroyed while it was still being accessed by a background validation thread. An attacker capable of mining a block with sufficient proof-of-work could have exploited this to crash victim nodes. Because of the nature of use-after-free bugs, it is possible that the crash could have been used for remote code execution, though constraints on the input (block) data make this unlikely.
    This issue is considered High severity.

    Details

    By default, script validation for new blocks is dispatched to background threads via a vector of CScriptCheck functors. Each CScriptCheck holds a pointer to a PrecomputedTransactionData object which stores some data needed by each input in the transaction. Because it stores a pointer and not the data itself, care must be taken to ensure that the PrecomputedTransactionData outlives the CScriptCheck.
    The script checks lifetime is enforced by an RAII class, CCheckQueueControl. However, the control is intantiated before the precomputed transaction data. Because local objects in C++ are destructed in reverse order of construction, this means the vector of PrecomputedTransactionData is destroyed before the CCheckQueueControl.
    This is not an issue when the block is valid, as CCheckQueueControl::Wait() will be called before the function returns and the PrecomputedTransactionData gets destroyed. However, in case of an early return (when a separate check fails) a background script thread may read the precomputed transaction data after it was destroyed. An attacker could exploit this to crash victim nodes at the expense of a valid PoW at tip.

    Attribution

    Cory Fields (MIT DCI) discovered this vulnerability and responsibly disclosed it in a detailed report containing a proof of concept for reproduction and a proposed mitigation.

    Timeline

    • 2024-11-02 Cory Fields privately reports the bug
    • 2024-11-06 Pieter Wuille pushes a covert fix to already open PR #31112 which works around the issue by removing the early returns
    • 2024-12-03 PR #31112 is merged
    • 2025-04-12 Bitcoin Core version 29.0 is released with a fix
    • 2026-04-19 The last vulnerable Bitcoin Core version (28.x) goes end of life
    • 2026-05-05 Public disclosure.

dog - 16:54:51 up 252 days, 1:26, 4 users, load average: 0.00, 0.00, 0.00

Google News

[29/05/2026 15:56] João Fonseca supera Djokovic, maior vencedor da história do tênis, e avança às oitavas de Roland Garros - O Globo

[29/05/2026 12:57] Planalto diz que classificação dos EUA sobre PCC e CV coloca PIX em risco - CNN Brasil

[29/05/2026 12:32] Lula diz que indicará Jorge Messias novamente ao STF - CNN Brasil

[29/05/2026 14:35] Fotos da necropsia de Henry Borel fazem Monique Medeiros passar mal e deixar plenário durante julgamento - Extra online

[29/05/2026 13:50] Pacheco confirma que não disputará governo de MG e diz que vai encerrar carreira política - G1

[29/05/2026 12:21] Trump faz reunião na Casa Branca para tomar decisão final sobre Irã - CNN Brasil

[29/05/2026 03:00] Fim da escala 6x1: oposição avança com proposta alternativa no Senado - CNN Brasil

[29/05/2026 09:19] Josias de Souza: A pedido de Flávio, Trump enfiou seu pé-frio na sucessão do Brasil - UOL Notícias

[29/05/2026 08:03] Os números da primeira pesquisa Poder/Aya para a presidência - CartaCapital

[29/05/2026 07:52] Drone russo atinge prédio na Romênia e provoca reação da UE e da Otan: 'Rússia cruzou mais uma linha' - BBC

NVD Feed

[CVE-2025-62514] [Modified: 02-03-2026] [Analyzed] [V3.1 S8.3:HIGH] Parsec is a cloud-based application for cryptographically secure file sharing. In versions on the 3.x branch prior to 3.6.0, `libparsec_crypto`, a component of the Parsec application, does not check for weak order point of Curve25519 when compiled with its RustCrypto backend. In practice this means an attacker in a man-in-the-middle position would be able to provide weak order points to both parties in the Diffie-Hellman exchange, resulting in a high probability to for both parties to obtain the same shared key (hence leading to a successful SAS code exchange, misleading both parties into thinking no MITM has occurred) which is also known by the attacker. Note only Parsec web is impacted (as Parsec desktop uses `libparsec_crypto` with the libsodium backend). Version 3.6.0 of Parsec patches the issue.

[CVE-2025-71011] [Modified: 03-02-2026] [Analyzed] [V3.1 S6.2:MEDIUM] An input validation vulnerability in the flow.Tensor.new_empty/flow.Tensor.new_ones/flow.Tensor.new_zeros component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.

[CVE-2026-1595] [Modified: 29-04-2026] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was detected in itsourcecode Society Management System 1.0. This affects an unknown part of the file /admin/edit_student_query.php. The manipulation of the argument student_id results in sql injection. The attack can be executed remotely. The exploit is now public and may be used.

[CVE-2026-1596] [Modified: 29-04-2026] [Analyzed] [V3.1 S6.3:MEDIUM] A flaw has been found in D-Link DWR-M961 1.1.47. This vulnerability affects the function sub_419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fota_url causes command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used.

[CVE-2026-1597] [Modified: 29-04-2026] [Analyzed] [V3.1 S6.3:MEDIUM] A vulnerability has been found in Bdtask SalesERP up to 20260116. This issue affects some unknown processing of the component Administrative Endpoint. Such manipulation of the argument ci_session leads to improper authorization. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-15545] [Modified: 09-03-2026] [Analyzed] [V3.1 S6.8:MEDIUM] The backup restore function does not properly validate unexpected or unrecognized tags within the backup file. When such a crafted file is restored, the injected tag is interpreted by a shell, allowing execution of arbitrary commands with root privileges. Successful exploitation allows the attacker to gain root-level command execution, compromising confidentiality, integrity and availability.

[CVE-2026-1598] [Modified: 29-04-2026] [Analyzed] [V3.1 S3.5:LOW] A vulnerability was found in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. Impacted is an unknown function of the file /dashboard/home/profile of the component User Information Module. Performing a manipulation of the argument fullname results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-1599] [Modified: 29-04-2026] [Analyzed] [V3.1 S4.3:MEDIUM] A vulnerability was determined in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The affected element is an unknown function of the file /hungry/placeorder of the component Checkout. Executing a manipulation of the argument orggrandTotal/vat/service_charge/grandtotal can lead to business logic errors. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-1600] [Modified: 29-04-2026] [Analyzed] [V3.1 S4.3:MEDIUM] A vulnerability was identified in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The impacted element is an unknown function of the file /hungry/addtocart of the component Add-to-Cart Submission Endpoint. The manipulation of the argument price/allprice leads to business logic errors. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-23896] [Modified: 15-04-2026] [Analyzed] [V3.1 S7.2:HIGH] immich is a high performance self-hosted photo and video management solution. Prior to version 2.5.0, API keys can escalate their own permissions by calling the update endpoint, allowing a low-privilege API key to grant itself full administrative access to the system. Version 2.5.0 fixes the issue.

[CVE-2026-24054] [Modified: 24-02-2026] [Analyzed] [V3.1 S10.0:CRITICAL] Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter directory for the container rootfs. When the Kata runtime attempts to mount the container rootfs, the bind mount causes the rootfs to be detected as a block device, leading to the underlying device being hotplugged to the guest. This can cause filesystem-level errors on the host due to double inode allocation, and may lead to the host's block device being mounted as read-only. Version 3.26.0 contains a patch for the issue.

[CVE-2026-24413] [Modified: 19-02-2026] [Analyzed] [V3.1 S5.5:MEDIUM] Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the `%ProgramData%\icinga2\var` folder on Windows. This resulted in the its contents - including the private key of the user and synced configuration - being readable by all local users. All installations on Windows are affected. Versions 2.13.14, 2.14.8, and 2.15.2 contains a fix. There are two possibilities to work around the issue without upgrading Icinga 2. Upgrade Icinga for Windows to at least version v1.13.4, v1.12.4, or v1.11.2. These version will automatically fix the ACLs for the Icinga 2 agent as well. Alternatively, manually update the ACL for the given folder `C:\ProgramData\icinga2\var` (and `C:\Program Files\WindowsPowerShell\modules\icinga-powershell-framework\certificate` to fix the issue for the Icinga for Windows as well) including every sub-folder and item to restrict access for general users, only allowing the Icinga service user and administrators access.

[CVE-2026-24414] [Modified: 10-03-2026] [Analyzed] [V3.1 S5.5:MEDIUM] The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows `certificate` directory grant every user read access, which results in the exposure of private key of the Icinga certificate for the given host. All installations are affected. Versions 1.13.4, 1.12.4, and 1.11.2 contains a patch. Please note that upgrading to a fixed version of Icinga for Windows will also automatically fix a similar issue present in Icinga 2, CVE-2026-24413. As a workaround, the permissions can be restricted manually by updating the ACL for the given folder `C:\Program Files\WindowsPowerShell\modules\icinga-powershell-framework\certificate` (and `C:\ProgramData\icinga2\var` to fix the issue for the Icinga 2 agent as well) including every sub-folder and item to restrict access for general users, only allowing the Icinga service user and administrators access.

[CVE-2026-24780] [Modified: 17-02-2026] [Analyzed] [V3.1 S8.8:HIGH] AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.44, AutoGPT Platform's block execution endpoints (both main web API and external API) allow executing blocks by UUID without checking the `disabled` flag. Any authenticated user can execute the disabled `BlockInstallationBlock`, which writes arbitrary Python code to the server filesystem and executes it via `__import__()`, achieving Remote Code Execution. In default self-hosted deployments where Supabase signup is enabled, an attacker can self-register; if signup is disabled (e.g., hosted), the attacker needs an existing account. autogpt-platform-beta-v0.6.44 contains a fix.

[CVE-2025-13399] [Modified: 09-03-2026] [Analyzed] [V3.1 S8.8:HIGH] A weakness in the web interface’s application layer encryption in VX800v v1.0 allows an adjacent attacker to brute force the weak AES key and decrypt intercepted traffic. Successful exploitation requires network proximity but no authentication, and may result in high impact to confidentiality, integrity, and availability of transmitted data.

[CVE-2025-15541] [Modified: 09-03-2026] [Analyzed] [V3.1 S6.3:MEDIUM] Improper link resolution in the VX800v v1.0 SFTP service allows authenticated adjacent attackers to use crafted symbolic links to access system files, resulting in high confidentiality impact and limited integrity risk.

[CVE-2025-15542] [Modified: 09-03-2026] [Analyzed] [V3.1 S5.3:MEDIUM] Improper handling of exceptional conditions in VX800v v1.0 in SIP processing allows an attacker to flood the device with crafted INVITE messages, blocking all voice lines and causing a denial of service on incoming calls.

[CVE-2025-15543] [Modified: 09-03-2026] [Analyzed] [V3.1 S4.6:MEDIUM] Improper link resolution in USB HTTP access path in VX800v v1.0 allows a crafted USB device to expose root filesystem contents, giving an attacker with physical access read‑only access to system files.

[CVE-2025-15548] [Modified: 09-03-2026] [Analyzed] [V3.1 S6.5:MEDIUM] Some VX800v v1.0 web interface endpoints transmit sensitive information over unencrypted HTTP due to missing application layer encryption, allowing a network adjacent attacker to intercept this traffic and compromise its confidentiality.

[CVE-2025-69749] [Modified: 19-02-2026] [Analyzed] [V3.1 S6.1:MEDIUM] Cross Site Scripting vulnerability in tale v.2.0.5 allows an attacker to execute arbitrary code.

 
Amazon AWS httpd php.net Lets Encrypt Bootstrap