
[CVE-2025-12419] [Modified: 03-12-2025] [Analyzed] [V3.1 S9.9:CRITICAL] Mattermost versions 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12, 11.0.x <= 11.0.3 fail to properly validate OAuth state tokens during OpenID Connect authentication which allows an authenticated attacker with team creation privileges to take over a user account via manipulation of authentication data during the OAuth completion flow. This requires email verification to be disabled (default: disabled), OAuth/OpenID Connect to be enabled, and the attacker to control two users in the SSO system with one of them never having logged into Mattermost.

[CVE-2025-13757] [Modified: 03-12-2025] [Analyzed] [V3.1 S8.8:HIGH] SQL Injection vulnerability in last usage logs in Devolutions Server. This issue affects Devolutions Server: through 2025.2.20, through 2025.3.8.

[CVE-2025-13758] [Modified: 03-12-2025] [Analyzed] [V3.1 S3.5:LOW] Exposure of credentials in unintended requests in Devolutions Server. This issue affects Server: through 2025.2.20, through 2025.3.8.

[CVE-2025-13765] [Modified: 03-12-2025] [Analyzed] [V3.1 S4.3:MEDIUM] Exposure of email service credentials to users without administrative rights in Devolutions Server. This issue affects Devolutions Server: before 2025.2.21, before 2025.3.9.

[CVE-2025-12559] [Modified: 03-12-2025] [Analyzed] [V3.1 S4.3:MEDIUM] Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to sanitize team email addresses to be visible only to Team Admins, which allows any authenticated user to view team email addresses via the GET /api/v4/channels/{channel_id}/common_teams endpoint.

[CVE-2025-12421] [Modified: 03-12-2025] [Analyzed] [V3.1 S9.9:CRITICAL] Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to verify that the token used during the code exchange originates from the same authentication flow, which allows an authenticated user to perform account takeover via a specially crafted email address used when switching authentication methods and sending a request to the /users/login/sso/code-exchange endpoint. The vulnerability requires ExperimentalEnableAuthenticationTransfer to be enabled (default: enabled) and RequireEmailVerification to be disabled (default: disabled).

[CVE-2025-66359] [Modified: 03-12-2025] [Analyzed] [V3.1 S8.5:HIGH] An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of output escaping in multiple components lead to a cross-site scripting (XSS) vulnerability.

[CVE-2025-66360] [Modified: 03-12-2025] [Analyzed] [V3.1 S8.8:HIGH] An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service (Redis) information to li-admin users. This can lead to privilege escalation.

[CVE-2025-66361] [Modified: 03-12-2025] [Analyzed] [V3.1 S6.5:MEDIUM] An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load.

[CVE-2025-58294] [Modified: 02-12-2025] [Analyzed] [V3.1 S6.2:MEDIUM] Permission control vulnerability in the print module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

[CVE-2025-58303] [Modified: 02-12-2025] [Analyzed] [V3.1 S8.4:HIGH] UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability.

[CVE-2025-58307] [Modified: 02-12-2025] [Analyzed] [V3.1 S6.4:MEDIUM] UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability.

[CVE-2025-58309] [Modified: 02-12-2025] [Analyzed] [V3.1 S6.8:MEDIUM] Permission control vulnerability in the startup recovery module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

[CVE-2025-58310] [Modified: 02-12-2025] [Analyzed] [V3.1 S8.0:HIGH] Permission control vulnerability in the distributed component. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

[CVE-2025-58312] [Modified: 02-12-2025] [Analyzed] [V3.1 S5.1:MEDIUM] Permission control vulnerability in the App Lock module. Impact: Successful exploitation of this vulnerability may affect availability.

[CVE-2025-58314] [Modified: 02-12-2025] [Analyzed] [V3.1 S6.6:MEDIUM] Vulnerability of accessing invalid memory in the component driver module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

[CVE-2025-58315] [Modified: 02-12-2025] [Analyzed] [V3.1 S5.5:MEDIUM] Permission control vulnerability in the Wi-Fi module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

[CVE-2025-58316] [Modified: 02-12-2025] [Analyzed] [V3.1 S7.3:HIGH] DoS vulnerability in the video-related system service module. Impact: Successful exploitation of this vulnerability may affect availability.

[CVE-2025-64311] [Modified: 02-12-2025] [Analyzed] [V3.1 S5.1:MEDIUM] Permission control vulnerability in the Notepad module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

[CVE-2025-64313] [Modified: 02-12-2025] [Analyzed] [V3.1 S5.3:MEDIUM] Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.