fweno.onefour.com.br

Current Conditions
São Paulo
chuva fraca

24 ℃
79%
Temperatura
Umidade
Fonte: OpenWeatherMap. - 18:00:02
  1. [USD] USD 68,333.57
  1. [BRL] BRL 353,786.78 [USD] USD 68,333.57 [GBP] GBP 50,694.42 [EUR] EUR 58,000.71
    Price index provided by blockchain.info.
  2. Bitcoin Core version 29.3 is now available for download. See the release notes for more information about the bug fixes in this release.
    If you have any questions, please stop by the #bitcoin IRC chatroom (IRC, web) and we’ll do our best to help you.

dog - 18:00:04 up 155 days, 2:31, 8 users, load average: 0.01, 0.00, 0.00

Google News

[20/02/2026 20:03] Lula exclui China do grupo de democracias do chamado Sul Global - Poder360

[21/02/2026 12:02] Após críticas, Nikolas nega amnésia e diz que Eduardo não está bem - CNN Brasil

[21/02/2026 07:00] O que os deputados estão discutindo sobre canetas emagrecedoras e o que pode ser mudado - Diário do Nordeste

[21/02/2026 06:30] Brasil perdeu patente internacional da polilaminina por falta de verba, diz pesquisadora - Revista Oeste

[20/02/2026 07:13] Blindagem no Master: Mendonça afasta Andrei Passos, diretor da PF, das investigações e centraliza decisões - Revista Fórum

[20/02/2026 08:54] Saiba como o Irã está se preparando para um possível ataque dos EUA - CNN Brasil

[21/02/2026 11:58] Ex-vereadora é morta em casa no RS; ex-marido é principal suspeito - Estado de Minas

[21/02/2026 10:04] Como fica o tempo neste fim de semana no Rio Grande do Sul - MetSul Meteorologia

[21/02/2026 09:30] Grande BH: denúncia leva à apreensão de 725 quilos de maconha em condomínio - Estado de Minas

[20/02/2026 15:14] Grupo Supernosso inicia implementação da escala 5X2: saiba como vai funcionar - O TEMPO

NVD Feed

[CVE-2025-60729] [Modified: 27-10-2025] [Analyzed] [V3.1 S5.3:MEDIUM] PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the validThemeFilePath function

[CVE-2025-60730] [Modified: 27-10-2025] [Analyzed] [V3.1 S7.6:HIGH] PerfreeBlog v4.0.11 has an arbitrary file deletion vulnerability in the unInstallTheme function

[CVE-2025-60731] [Modified: 27-10-2025] [Analyzed] [V3.1 S7.6:HIGH] PerfreeBlog v4.0.11 has a File Upload vulnerability in the installTheme function

[CVE-2025-60735] [Modified: 27-10-2025] [Analyzed] [V3.1 S7.6:HIGH] PerfreeBlog v4.0.11 has a File Upload vulnerability in the installPlugin function

[CVE-2025-60954] [Modified: 28-10-2025] [Analyzed] [V3.1 S8.3:HIGH] Microweber CMS 2.0 has Weak Password Requirements. The application does not enforce minimum password length or complexity during password resets. Users can set extremely weak passwords, including single-character passwords, which can lead to account compromise, including administrative accounts.

[CVE-2025-62717] [Modified: 28-10-2025] [Analyzed] [V3.1 S9.1:CRITICAL] Emlog is an open source website building system. In version 2.5.23, Emlog Pro is vulnerable to a session verification code error due to a clearing logic error. This means the verification code could be reused anywhere an email verification code is required. This issue has been fixed in commit 1f726df.

[CVE-2025-62723] [Modified: 31-10-2025] [Analyzed] [V3.1 S4.3:MEDIUM] FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.23.2, any authenticated user can create sessions and have them collect QoS messages. When not sent to a client, these are then not released upon (eventual) session expiration. Version 1.23.2 fixes the issue.

[CVE-2025-62711] [Modified: 03-11-2025] [Analyzed] [V3.1 S3.1:LOW] Wasmtime is a runtime for WebAssembly. In versions from 38.0.0 to before 38.0.3, the implementation of component-model related host-to-wasm trampolines in Wasmtime contained a bug where it's possible to carefully craft a component, which when called in a specific way, would crash the host with a segfault or assert failure. Wasmtime 38.0.3 has been released and is patched to fix this issue. There are no workarounds.

[CVE-2025-11823] [Modified: 26-11-2025] [Analyzed] [V3.1 S6.4:MEDIUM] The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'button_exist_text' parameter in the 'wishsuite_button' shortcode in all versions up to, and including, 3.2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

[CVE-2025-11564] [Modified: 05-12-2025] [Analyzed] [V3.1 S5.3:MEDIUM] The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check while verifying webhook signatures on the "verifyAndCreateOrderData" function in all versions up to, and including, 3.8.3. This makes it possible for unauthenticated attackers to bypass payment verification and mark orders as paid by submitting forged webhook requests with `payment_type` set to 'recurring'.

[CVE-2025-6680] [Modified: 05-12-2025] [Analyzed] [V3.1 S4.3:MEDIUM] The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.8.3. This makes it possible for authenticated attackers, with tutor-level access and above, to view assignments for courses they don't teach which may contain sensitive information.

[CVE-2025-12216] [Modified: 10-11-2025] [Analyzed] [V3.1 S5.5:MEDIUM] Malicious / Malformed App can be Installed but not Uninstalled/may lead to unavailability.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

[CVE-2025-12217] [Modified: 10-11-2025] [Analyzed] [V3.1 S9.1:CRITICAL] SNMP Default Community String (public).This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

[CVE-2025-12218] [Modified: 10-11-2025] [Analyzed] [V3.1 S9.1:CRITICAL] Weak Default Credentials.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

[CVE-2025-12219] [Modified: 10-11-2025] [Analyzed] [V3.1 S9.8:CRITICAL] Vulnerable Components in Azure Access OS.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

[CVE-2025-12220] [Modified: 10-11-2025] [Analyzed] [V3.1 S9.8:CRITICAL] Busybox 1.31.1 - Multiple Known Vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

[CVE-2025-12221] [Modified: 07-11-2025] [Analyzed] [V3.1 S8.8:HIGH] Busybox 1.31.1 - Multiple Known Vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

[CVE-2025-12275] [Modified: 07-11-2025] [Analyzed] [V3.1 S9.8:CRITICAL] Mail Configuration File Manipulation + Command Execution.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

[CVE-2025-12278] [Modified: 10-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] Logout Functionality not Working.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

[CVE-2025-12284] [Modified: 10-11-2025] [Analyzed] [V3.1 S6.1:MEDIUM] Lack of Input Validation in the web UI might lead to potential exploitation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

 
Amazon AWS httpd php.net Lets Encrypt Bootstrap