[04/02/2026 00:01] Caso Master: PT admite apoiar CPI, mas só a governista proposta na Câmara - Diário do Poder - Diário do Poder

[04/02/2026 11:04] Tornozeleira de Oruam está desligada desde domingo; rapper é procurado - Estado de Minas

[04/02/2026 08:43] Criminosos da Trio de Ouro, em São João de Meriti, são apontados como autores de estupro coletivo de menina de 13 anos - Extra online

[04/02/2026 10:00] Real Time Big Data: no Ceará, Elmano e Ciro empatam para governador - CNN Brasil

[04/02/2026 10:57] Ibaneis passa a ser investigado pelo STJ por supostas irregularidades no caso Master - Correio Braziliense

[04/02/2026 02:01] 72% da população mundial vive sob regimes autoritários, indica Human Rights Watch - G1

[04/02/2026 11:26] Câmara de Fortaleza aprova reajuste salarial, planejamento domiciliar e benefício para professores - Diário do Nordeste

[04/02/2026 11:56] Camilo Santana anuncia saída do MEC, mas nega candidatura no CE - Portal iG

[04/02/2026 11:25] Filho de José Alencar é sondado para candidatura ao Governo de Minas apoiada por Lula - Estado de Minas

[04/02/2026 09:22] Chuva em excesso no Sudeste e calor excessivo no Sul - MetSul Meteorologia

[CVE-2025-11402] [Modified: 09-10-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A vulnerability has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /del_curr.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.

[CVE-2025-11403] [Modified: 09-10-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this issue is some unknown functionality of the file /del_booking.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used.

[CVE-2025-1826] [Modified: 12-12-2025] [Analyzed] [V3.1 S5.4:MEDIUM] IBM Engineering Requirements Management DOORS Next (IBM Jazz Foundation 7.0.2 to 7.0.2 iFix034, 7.0.3 to 7.0.3 iFix016, and 7.1.0 to 7.1.0 iFix004) is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users on the host network to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

[CVE-2025-36156] [Modified: 16-10-2025] [Analyzed] [V3.1 S7.4:HIGH] IBM InfoSphere Data Replication VSAM for z/OS Remote Source 11.4 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with access to the files storing CECSUB or CECRM on the container could overflow the buffer and execute arbitrary code on the system.

[CVE-2025-43890] [Modified: 14-10-2025] [Analyzed] [V3.1 S6.7:MEDIUM] Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

[CVE-2025-43906] [Modified: 14-10-2025] [Analyzed] [V3.1 S6.7:MEDIUM] Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

[CVE-2025-43911] [Modified: 14-10-2025] [Analyzed] [V3.1 S6.7:MEDIUM] Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

[CVE-2025-11192] [Modified: 15-01-2026] [Analyzed] [V3.1 S8.6:HIGH] A vulnerability in Extreme Networks’ Fabric Engine (VOSS) before 9.3 was discovered. When SD-WAN AutoSense is enabled on a port, it may automatically configure fabric connectivity without validating ISIS authentication settings. The SD-WAN AutoSense implementation may be exploited by malicious actors by allowing unauthorized access to network fabric and configuration data.

[CVE-2025-11404] [Modified: 09-10-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A vulnerability was determined in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown part of the file /pages/save_tax.php. Executing manipulation of the argument percentage can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.

[CVE-2025-11405] [Modified: 09-10-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A vulnerability was identified in SourceCodester Hotel and Lodge Management System 1.0. This vulnerability affects unknown code of the file /del_tax.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used.

[CVE-2025-43889] [Modified: 14-10-2025] [Analyzed] [V3.1 S5.3:MEDIUM] Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

[CVE-2025-43891] [Modified: 14-10-2025] [Analyzed] [V3.1 S5.3:MEDIUM] Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an use of a Broken or Risky Cryptographic Algorithm vulnerability in the Authentication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

[CVE-2025-43905] [Modified: 14-10-2025] [Analyzed] [V3.1 S4.3:MEDIUM] Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

[CVE-2025-43907] [Modified: 14-10-2025] [Analyzed] [V3.1 S6.5:MEDIUM] Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Path Traversal: '.../...//' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

[CVE-2025-43908] [Modified: 14-10-2025] [Analyzed] [V3.1 S6.4:MEDIUM] Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

[CVE-2025-43909] [Modified: 14-10-2025] [Analyzed] [V3.1 S3.7:LOW] Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Use of a Broken or Risky Cryptographic Algorithm vulnerability in the DD boost. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

[CVE-2025-43912] [Modified: 14-10-2025] [Analyzed] [V3.1 S5.3:MEDIUM] Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Heap-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

[CVE-2025-43913] [Modified: 14-10-2025] [Analyzed] [V3.1 S5.3:MEDIUM] Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Use of a Broken or Risky Cryptographic Algorithm vulnerability in the DDOS. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to information disclosure. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.

[CVE-2025-43934] [Modified: 14-10-2025] [Analyzed] [V3.1 S6.0:MEDIUM] Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service and Unauthorized access.

[CVE-2025-45375] [Modified: 14-10-2025] [Analyzed] [V3.1 S4.4:MEDIUM] Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Stack-based Buffer Overflow vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.