fweno.onefour.com.br

Current Conditions
São Paulo
céu limpo

20 ℃
55%
Temperatura
Umidade
Fonte: OpenWeatherMap. - 14:00:02
  1. [USD] USD 60,731.75
  1. [BRL] BRL 314,444.70 [USD] USD 60,731.75 [GBP] GBP 45,515.83 [EUR] EUR 52,697.73
    Price index provided by blockchain.info.
  2. After Bitcoin Core 0.14.0 and before Bitcoin Core 29.0, validating a specially-crafted block may cause the node to access previously freed memory.
    During validation, necessary data required for checking inputs for each transaction is pre-calculated and cached. For specially crafted invalid blocks, it was possible for this data to be destroyed while it was still being accessed by a background validation thread. An attacker capable of mining a block with sufficient proof-of-work could have exploited this to crash victim nodes. Because of the nature of use-after-free bugs, it is possible that the crash could have been used for remote code execution, though constraints on the input (block) data make this unlikely.
    This issue is considered High severity.

    Details

    By default, script validation for new blocks is dispatched to background threads via a vector of CScriptCheck functors. Each CScriptCheck holds a pointer to a PrecomputedTransactionData object which stores some data needed by each input in the transaction. Because it stores a pointer and not the data itself, care must be taken to ensure that the PrecomputedTransactionData outlives the CScriptCheck.
    The script checks lifetime is enforced by an RAII class, CCheckQueueControl. However, the control is intantiated before the precomputed transaction data. Because local objects in C++ are destructed in reverse order of construction, this means the vector of PrecomputedTransactionData is destroyed before the CCheckQueueControl.
    This is not an issue when the block is valid, as CCheckQueueControl::Wait() will be called before the function returns and the PrecomputedTransactionData gets destroyed. However, in case of an early return (when a separate check fails) a background script thread may read the precomputed transaction data after it was destroyed. An attacker could exploit this to crash victim nodes at the expense of a valid PoW at tip.

    Attribution

    Cory Fields (MIT DCI) discovered this vulnerability and responsibly disclosed it in a detailed report containing a proof of concept for reproduction and a proposed mitigation.

    Timeline

    • 2024-11-02 Cory Fields privately reports the bug
    • 2024-11-06 Pieter Wuille pushes a covert fix to already open PR #31112 which works around the issue by removing the early returns
    • 2024-12-03 PR #31112 is merged
    • 2025-04-12 Bitcoin Core version 29.0 is released with a fix
    • 2026-04-19 The last vulnerable Bitcoin Core version (28.x) goes end of life
    • 2026-05-05 Public disclosure.

dog - 14:15:53 up 259 days, 22:47, 5 users, load average: 0.00, 0.01, 0.00

Google News

[06/06/2026 09:53] UE formaliza restrição a carnes e produtos de origem animal do Brasil - O Globo

[06/06/2026 04:30] Caso Henry: MP recorre do perdão judicial à Monique, alegando que juíza reformulou pergunta ao júri; entenda - O Globo

[05/06/2026 20:48] Diretor da PF é contra classificação de facções como terroristas - Revista Oeste

[06/06/2026 13:03] Vídeo: ponte de R$ 36 milhões desaba e deixa feridos no Acre - CNN Brasil

[06/06/2026 07:26] As eleições que podem fechar 'círculo de fogo' pró-Trump em torno do Brasil - BBC

[06/06/2026 04:00] Empresas brasileiras taxadas agora por Trump têm dificuldades de vender para outros países: veja a diferença do 1º tarifaço - O Globo

[06/06/2026 08:57] Carreta com combustível tomba e provoca bloqueio total da BR-381 - Estado de Minas

[05/06/2026 17:39] Ex-prefeito de cidade no Pará mata a tiros mulher durante assinatura de divórcio - O Globo

[05/06/2026 21:04] Governo prorroga prazo de inscrição do Enem 2026 - Correio do Povo

[06/06/2026 03:34] Parada LGBT+ em SP terá segurança reforçada com mais de 1,5 mil policiais - CNN Brasil

NVD Feed

[CVE-2025-13818] [Modified: 18-02-2026] [Analyzed] [V3.1 S6.7:MEDIUM] Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent

[CVE-2026-1337] [Modified: 24-02-2026] [Analyzed] [V3.1 S5.4:MEDIUM] Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can lead to XSS if the user opens the logs in a tool that treats them as HTML. There is no security impact on Neo4j products, but this advisory is released as a precaution to treat the logs as plain text if using versions prior to 2026.01. Proof of concept exploit:  https://github.com/JoakimBulow/CVE-2026-1337

[CVE-2026-2056] [Modified: 17-02-2026] [Analyzed] [V3.1 S5.3:MEDIUM] A security vulnerability has been detected in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The impacted element is an unknown function of the file /wan_connection_status.asp of the component DHCP Connection Status Handler. The manipulation leads to information disclosure. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

[CVE-2025-13523] [Modified: 24-02-2026] [Analyzed] [V3.1 S7.7:HIGH] Mattermost Confluence plugin version <1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim browsers via sending a specially crafted OAuth2 connection link that, when visited, renders the attacker's display name without proper sanitization. Mattermost Advisory ID: MMSA-2025-00557

[CVE-2026-2057] [Modified: 29-04-2026] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was detected in SourceCodester Medical Center Portal Management System 1.0. This affects an unknown function of the file /login.php. The manipulation of the argument User results in sql injection. The attack can be executed remotely. The exploit is now public and may be used.

[CVE-2025-64111] [Modified: 18-02-2026] [Analyzed] [V3.1 S9.8:CRITICAL] Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, due to the insufficient patch for CVE-2024-56731, it's still possible to update files in the .git directory and achieve remote command execution. This issue has been patched in versions 0.13.4 and 0.14.0+dev.

[CVE-2026-23738] [Modified: 18-02-2026] [Analyzed] [V3.1 S3.5:LOW] Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, user supplied/control values for Cookies and any GET variable query Parameter are directly interpolated into the HTML of the page using ast_str_append. The endpoint at GET /httpstatus is the potential vulnerable endpoint relating to asterisk/main /http.c. This issue has been patched in versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2.

[CVE-2026-23739] [Modified: 18-02-2026] [Analyzed] [V3.1 S2.0:LOW] Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the ast_xml_open() function in xml.c parses XML documents using libxml with unsafe parsing options that enable entity expansion and XInclude processing. Specifically, it invokes xmlReadFile() with the XML_PARSE_NOENT flag and later processes XIncludes via xmlXIncludeProcess().If any untrusted or user-supplied XML file is passed to this function, it can allow an attacker to trigger XML External Entity (XXE) or XInclude-based local file disclosure, potentially exposing sensitive files from the host system. This can also be triggered in other cases in which the user is able to supply input in xml format that triggers the asterisk process to parse it. This issue has been patched in versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2.

[CVE-2026-23740] [Modified: 10-02-2026] [Analyzed] [V3.1 S0.0:NONE] Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, when ast_coredumper writes its gdb init and output files to a directory that is world-writable (for example /tmp), an attacker with write permission(which is all users on a linux system) to that directory can cause root to execute arbitrary commands or overwrite arbitrary files by controlling the gdb init file and output paths. This issue has been patched in versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2.

[CVE-2026-23741] [Modified: 18-02-2026] [Analyzed] [V3.1 S0.0:NONE] Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the asterisk/contrib/scripts/ast_coredumper runs as root, as noted by the NOTES tag on line 689 of the ast_coredumper file. The script will source the contents of /etc/asterisk/ast_debug_tools.conf, which resides in a folder that is writeable by the asterisk user:group. Due to the /etc/asterisk/ast_debug_tools.conf file following bash semantics and it being loaded; an attacker with write permissions may add or modify the file such that when the root ast_coredumper is run; it would source and thereby execute arbitrary bash code found in the /etc/asterisk/ast_debug_tools.conf. This issue has been patched in versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2.

[CVE-2026-25556] [Modified: 24-02-2026] [Analyzed] [V3.1 S7.5:HIGH] MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fz_fill_pixmap_from_display_list() when an exception occurs during display list rendering. The function accepts a caller-owned fz_pixmap pointer but incorrectly drops the pixmap in its error handling path before rethrowing the exception. Callers (including the barcode decoding path in fz_decode_barcode_from_display_list) also drop the same pixmap in cleanup, resulting in a double-free that can corrupt the heap and crash the process. This issue affects applications that enable and use MuPDF barcode decoding and can be triggered by processing crafted input that causes a rendering-time error while decoding barcodes.

[CVE-2026-2058] [Modified: 29-04-2026] [Analyzed] [V3.1 S7.3:HIGH] A flaw has been found in mathurvishal CloudClassroom-PHP-Project up to 5dadec098bfbbf3300d60c3494db3fb95b66e7be. This impacts an unknown function of the file /postquerypublic.php of the component Post Query Details Page. This manipulation of the argument gnamex causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. This product adopts a rolling release strategy to maintain continuous delivery. Therefore, version details for affected or updated releases cannot be specified. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-2059] [Modified: 29-04-2026] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability has been found in SourceCodester Medical Center Portal Management System 1.0. Affected is an unknown function of the file /emp_edit1.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.

[CVE-2026-2103] [Modified: 17-02-2026] [Analyzed] [V3.1 S7.1:HIGH] Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, database connection strings, and API keys. The encryption keys are identical across all installations. An attacker with access to the application binary and database can decrypt all stored credentials.

[CVE-2025-64175] [Modified: 17-02-2026] [Analyzed] [V3.1 S8.8:HIGH] Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, Gogs’ 2FA recovery code validation does not scope codes by user, enabling cross-account bypass. If an attacker knows a victim’s username and password, they can use any unused recovery code (e.g., from their own account) to bypass the victim’s 2FA. This enables full account takeover and renders 2FA ineffective in all environments where it's enabled.. This issue has been patched in versions 0.13.4 and 0.14.0+dev.

[CVE-2025-70963] [Modified: 10-02-2026] [Analyzed] [V3.1 S7.6:HIGH] Gophish <=0.12.1 is vulnerable to Incorrect Access Control. The administrative dashboard exposes each user’s long-lived API key directly inside the rendered HTML/JavaScript of the page on every login. This makes permanent API credentials accessible to any script running in the browser context.

[CVE-2026-1769] [Modified: 24-02-2026] [Analyzed] [V3.1 S5.3:MEDIUM] Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Xerox CentreWare on Windows allows Stored XSS.This issue affects CentreWare: through 7.0.6.  Consider upgrading Xerox® CentreWare Web® to v7.2.2.25 via the software available on Xerox.com

[CVE-2026-22592] [Modified: 17-02-2026] [Analyzed] [V3.1 S6.5:MEDIUM] Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, an authenticated user can cause a DOS attack. If one of the repo files is deleted before synchronization, it will cause the application to crash. This issue has been patched in versions 0.13.4 and 0.14.0+dev.

[CVE-2026-23632] [Modified: 17-02-2026] [Analyzed] [V3.1 S6.5:MEDIUM] Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, the endpoint "PUT /repos/:owner/:repo/contents/*" does not require write permissions and allows access with read permission only via repoAssignment(). After passing the permission check, PutContents() invokes UpdateRepoFile(), which results in commit creation and the execution of git push. As a result, a token with read-only permission can be used to modify repository contents. This issue has been patched in versions 0.13.4 and 0.14.0+dev.

[CVE-2026-23633] [Modified: 17-02-2026] [Analyzed] [V3.1 S6.5:MEDIUM] Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, there is an arbitrary file read/write via path traversal in Git hook editing. This issue has been patched in versions 0.13.4 and 0.14.0+dev.

 
Amazon AWS httpd php.net Lets Encrypt Bootstrap