[27/04/2026 19:52] Itamaraty confirma que ataque israelense matou dois brasileiros no Líbano - Correio Braziliense

[27/04/2026 15:09] Flávio diz que Lula trata agro como 'lixo' e projeta Tarcísio presidente - Revista Oeste

[27/04/2026 13:05] Com dança das cadeiras, indicação de Messias ao STF avança na CCJ - Poder360

[27/04/2026 08:00] Suspeito de ataque em jantar com Trump deve ir ao tribunal hoje (27) - CNN Brasil

[27/04/2026 19:58] Policial preso por morte de empresário na Pavuna integra comissão que fiscaliza contrato de câmeras corporais da PM - O GLOBO

[27/04/2026 16:20] “Não vejo Lula nem Flávio ganhando a eleição”, diz Kassab - Poder360

[27/04/2026 19:52] Temer diz que Gilmar não deveria ter respondido a Zema: ‘Mais argumentos dá para contestação’ - R7

[27/04/2026 16:23] Trecho de rodovia em Aquiraz onde homem morreu em cratera teve obra entregue em 2020 - Diário do Nordeste

[26/04/2026 16:50] PT, PV e PCdoB acionam TSE contra perfil de IA que faz críticas à esquerda - CNN Brasil

[27/04/2026 12:54] Semana começa com chuva em SP, mas tempo volta a firmar nos próximos dias - Climatempo

[CVE-2025-15155] [Modified: 06-01-2026] [Analyzed] [V3.1 S5.3:MEDIUM] A vulnerability was detected in floooh sokol up to 16cbcc864012898793cd2bc57f802499a264ea40. The impacted element is the function _sg_pipeline_desc_defaults in the library sokol_gfx.h. The manipulation results in stack-based buffer overflow. The attack requires a local approach. The exploit is now public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The patch is identified as 5d11344150973f15e16d3ec4ee7550a73fb995e0. It is advisable to implement a patch to correct this issue.

[CVE-2025-15160] [Modified: 30-12-2025] [Analyzed] [V3.1 S7.2:HIGH] A vulnerability has been found in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/PPTPServer. Such manipulation of the argument ip1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

[CVE-2025-15163] [Modified: 30-12-2025] [Analyzed] [V3.1 S7.2:HIGH] A vulnerability was identified in Tenda WH450 1.0.0.18. Affected by this issue is some unknown functionality of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.

[CVE-2025-15165] [Modified: 30-12-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability has been found in itsourcecode Online Cake Ordering System 1.0. The impacted element is an unknown function of the file /updatecustomer.php?action=edit. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

[CVE-2025-15166] [Modified: 30-12-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This affects an unknown function of the file /updatesupplier.php?action=edit. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used.

[CVE-2025-15167] [Modified: 30-12-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was determined in itsourcecode Online Cake Ordering System 1.0. This impacts an unknown function of the file /detailtransac.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.

[CVE-2025-15168] [Modified: 09-01-2026] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was identified in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /statistical.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used.

[CVE-2025-52691] [Modified: 27-01-2026] [Analyzed] [V3.1 S10.0:CRITICAL] Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.

[CVE-2025-15170] [Modified: 07-01-2026] [Analyzed] [V3.1 S4.3:MEDIUM] A security vulnerability has been detected in Advaya Softech GEMS ERP Portal up to 2.1. This affects an unknown part of the file /home.jsp?isError=true of the component Error Message Handler. The manipulation of the argument Message leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-15171] [Modified: 07-01-2026] [Analyzed] [V3.1 S3.5:LOW] A vulnerability was identified in SohuTV CacheCloud up to 3.2.0. This affects the function index of the file src/main/java/com/sohu/cache/web/controller/ServerController.java. The manipulation leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.

[CVE-2025-15172] [Modified: 07-01-2026] [Analyzed] [V3.1 S3.5:LOW] A security flaw has been discovered in SohuTV CacheCloud up to 3.2.0. This impacts the function preview of the file src/main/java/com/sohu/cache/web/controller/RedisConfigTemplateController.java. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit has been released to the public and may be exploited. The project was informed of the problem early through an issue report but has not responded yet.

[CVE-2025-15173] [Modified: 07-01-2026] [Analyzed] [V3.1 S3.5:LOW] A weakness has been identified in SohuTV CacheCloud up to 3.2.0. Affected is the function advancedAnalysis of the file src/main/java/com/sohu/cache/web/controller/InstanceController.java. This manipulation causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited. The project was informed of the problem early through an issue report but has not responded yet.

[CVE-2025-15174] [Modified: 07-01-2026] [Analyzed] [V3.1 S3.5:LOW] A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. Affected by this vulnerability is the function doAppAuditList of the file src/main/java/com/sohu/cache/web/controller/AppManageController.java. Such manipulation leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.

[CVE-2025-15175] [Modified: 07-01-2026] [Analyzed] [V3.1 S3.5:LOW] A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. Affected by this issue is the function doAppList/appCommandAnalysis of the file src/main/java/com/sohu/cache/web/controller/AppController.java. Performing manipulation results in cross site scripting. It is possible to initiate the attack remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

[CVE-2025-15177] [Modified: 30-12-2025] [Analyzed] [V3.1 S7.2:HIGH] A vulnerability has been found in Tenda WH450 1.0.0.18. This vulnerability affects unknown code of the file /goform/SetIpBind of the component HTTP Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

[CVE-2025-15225] [Modified: 31-12-2025] [Analyzed] [V3.1 S7.5:HIGH] WMPro developed by Sunnet has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to read arbitrary system files.

[CVE-2025-15226] [Modified: 31-12-2025] [Analyzed] [V3.1 S9.8:CRITICAL] WMPro developed by Sunnet has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

[CVE-2025-15178] [Modified: 30-12-2025] [Analyzed] [V3.1 S7.2:HIGH] A vulnerability was found in Tenda WH450 1.0.0.18. This issue affects some unknown processing of the file /goform/VirtualSer of the component HTTP Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used.

[CVE-2025-15179] [Modified: 30-12-2025] [Analyzed] [V3.1 S7.2:HIGH] A vulnerability was determined in Tenda WH450 1.0.0.18. Impacted is an unknown function of the file /goform/qossetting. This manipulation of the argument page causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.

[CVE-2025-15227] [Modified: 31-12-2025] [Analyzed] [V3.1 S7.5:HIGH] BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files.