[25/03/2026 08:25] CEO e ex-sócio do Grupo Fictor, que iria comprar o banco Master de Vorcaro, são alvos de operação da PF sobre fraudes bancárias - G1

[25/03/2026 02:01] TSE torna Cláudio Castro, ex-governador do RJ, inelegível - Poder360

[25/03/2026 00:06] Trump demonstra otimismo para acordo com o Irã; veja as últimas informações - CNN Brasil

[24/03/2026 16:10] As restrições impostas a Jair Bolsonaro na prisão domiciliar temporária - CartaCapital

[24/03/2026 20:35] Deputados do PT pedem afastamento de presidente da CPMI do INSS - Estado de Minas

[25/03/2026 08:30] Atlas/Bloomberg: Flávio e Lula surgem empatados em cenário de 2º turno - CNN Brasil

[25/03/2026 06:00] Auxílio-reclusão, aumento de pena e bloqueio de bens: saiba o que muda com o PL Antifacção - Jovem Pan

[25/03/2026 05:48] Homem discute com esposa, pega arma e a mata em BH - Estado de Minas

[25/03/2026 07:40] Prefeitura do Rio demite Monique Medeiros após saída da prisão - Diário do Rio

[25/03/2026 03:30] Saiba quem é a professora da Unicamp presa por furto de material biológico de laboratório de virologia - O Globo

[CVE-2025-36134] [Modified: 01-12-2025] [Analyzed] [V3.1 S3.7:LOW] IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie.

[CVE-2025-60739] [Modified: 30-12-2025] [Analyzed] [V3.1 S9.6:CRITICAL] Cross Site Request Forgery (CSRF) vulnerability in Ilevia EVE X1 Server Firmware Version v4.7.18.0.eden and before, Logic Version v6.00 - 2025_07_21 allows a remote attacker to execute arbitrary code via the /bh_web_backend component

[CVE-2025-64049] [Modified: 03-12-2025] [Analyzed] [V3.1 S4.8:MEDIUM] A stored cross-site scripting (XSS) vulnerability in the module management component in REDAXO CMS 5.20.0 allows remote users to inject arbitrary web script or HTML via the Output code field in modules. The payload is executed when a user views or edits an article by adding slice that uses the compromised module.

[CVE-2025-64050] [Modified: 03-12-2025] [Analyzed] [V3.1 S7.2:HIGH] A Remote Code Execution (RCE) vulnerability in the template management component in REDAXO CMS 5.20.0 allows remote authenticated administrators to execute arbitrary operating system commands by injecting PHP code into an active template. The payload is executed when visitors access frontend pages using the compromised template.

[CVE-2025-63729] [Modified: 30-12-2025] [Analyzed] [V3.1 S9.0:CRITICAL] An issue was discovered in Syrotech SY-GPON-1110-WDONT SYRO_3.7L_3.1.02-240517 allowing attackers to exctract the SSL Private Key, CA Certificate, SSL Certificate, and Client Certificates in .pem format in firmware in etc folder.

[CVE-2025-64061] [Modified: 01-12-2025] [Analyzed] [V3.1 S4.3:MEDIUM] Primakon Pi Portal 1.0.18 /api/v2/users endpoint is vulnerable to unauthorized data exposure due to deficient access control mechanisms. Any authenticated user, regardless of their privilege level (including standard or low-privileged users), can make a GET request to this endpoint and retrieve a complete, unfiltered list of all registered application users. Crucially, the API response body for this endpoint includes password hashes.

[CVE-2025-33187] [Modified: 02-12-2025] [Analyzed] [V3.1 S9.3:CRITICAL] NVIDIA DGX Spark GB10 contains a vulnerability in SROOT, where an attacker could use privileged access to gain access to SoC protected areas. A successful exploit of this vulnerability might lead to code execution, information disclosure, data tampering, denial of service, or escalation of privileges.

[CVE-2025-33188] [Modified: 02-12-2025] [Analyzed] [V3.1 S8.0:HIGH] NVIDIA DGX Spark GB10 contains a vulnerability in hardware resources where an attacker could tamper with hardware controls. A successful exploit of this vulnerability might lead to information disclosure, data tampering, or denial of service.

[CVE-2025-33189] [Modified: 02-12-2025] [Analyzed] [V3.1 S7.8:HIGH] NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an out-of-bound write. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, information disclosure, or escalation of privileges.

[CVE-2025-33190] [Modified: 02-12-2025] [Analyzed] [V3.1 S6.7:MEDIUM] NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware where an attacker could cause an out-of-bound write. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, or escalation of privileges.

[CVE-2025-33191] [Modified: 02-12-2025] [Analyzed] [V3.1 S5.7:MEDIUM] NVIDIA DGX Spark GB10 contains a vulnerability in OSROOT firmware, where an attacker could cause an invalid memory read. A successful exploit of this vulnerability might lead to denial of service.

[CVE-2025-33192] [Modified: 02-12-2025] [Analyzed] [V3.1 S5.7:MEDIUM] NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an arbitrary memory read. A successful exploit of this vulnerability might lead to denial of service.

[CVE-2025-33193] [Modified: 02-12-2025] [Analyzed] [V3.1 S5.7:MEDIUM] NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper validation of integrity. A successful exploit of this vulnerability might lead to information disclosure.

[CVE-2025-33194] [Modified: 02-12-2025] [Analyzed] [V3.1 S5.7:MEDIUM] NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper processing of input data. A successful exploit of this vulnerability might lead to information disclosure or denial of service.

[CVE-2025-33195] [Modified: 02-12-2025] [Analyzed] [V3.1 S4.4:MEDIUM] NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause unexpected memory buffer operations. A successful exploit of this vulnerability might lead to data tampering, denial of service, or escalation of privileges.

[CVE-2025-33196] [Modified: 02-12-2025] [Analyzed] [V3.1 S4.4:MEDIUM] NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure.

[CVE-2025-33197] [Modified: 02-12-2025] [Analyzed] [V3.1 S4.3:MEDIUM] NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a NULL pointer dereference. A successful exploit of this vulnerability might lead to denial of service.

[CVE-2025-33198] [Modified: 02-12-2025] [Analyzed] [V3.1 S3.3:LOW] NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure.

[CVE-2025-33199] [Modified: 02-12-2025] [Analyzed] [V3.1 S3.2:LOW] NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause incorrect control flow behavior. A successful exploit of this vulnerability might lead to data tampering.

[CVE-2025-33200] [Modified: 02-12-2025] [Analyzed] [V3.1 S2.3:LOW] NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure.