[09/02/2026 11:14] Kassab ainda espera por Tarcísio? - oantagonista.com.br

[09/02/2026 14:40] Jeffrey Epstein financiou modelos brasileiras e avisou dias antes sobre sua prisão; MPF apura citação em Natal - BBC

[09/02/2026 09:56] Homem tenta matar jovem com mais de 15 facadas; vítima fica com rosto recortado e está entubada; suspeito da tentativa de feminicídio é preso - oglobo.globo.com

[09/02/2026 13:17] Se Trump conhecesse sanguinidade de Lampião, não faria provocação, diz Lula - CNN Brasil

[09/02/2026 10:38] CPMI do INSS é cancelada depois de filho de empresário dar atestado - Revista Oeste

[09/02/2026 06:11] 'Vivendo em um hotel': a disputa pela transformação do 'maior edifício residencial do Brasil' em Airbnb - BBC

[09/02/2026 12:42] Serra do Espinhaço: professor da UFMG alerta para consequência da mineração - Estado de Minas

[09/02/2026 06:03] TV e aliança nos Estados motivam Lula a tirar Centrão de Flávio - Poder360

[08/02/2026 12:36] Chefe de Gabinete de premier britânico renuncia após polêmica sobre ligações de ex-embaixador com Epstein - oglobo.globo.com

[08/02/2026 17:07] Ucranianos enfrentam frio rigoroso após ataques russos à infraestrutura - CNN Brasil

[CVE-2025-11639] [Modified: 29-10-2025] [Analyzed] [V3.1 S3.3:LOW] A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. The impacted element is an unknown function of the file collect_logs.sh of the component Debug Log S3 Bucket Handler. The manipulation leads to insecure storage of sensitive information. An attack has to be approached locally. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-11640] [Modified: 29-10-2025] [Analyzed] [V3.1 S3.1:LOW] A vulnerability was found in Tomofun Furbo 360 and Furbo Mini. This affects an unknown function of the component Bluetooth Low Energy. The manipulation results in cleartext transmission of sensitive information. Access to the local network is required for this attack. Attacks of this nature are highly complex. The exploitability is reported as difficult. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-11641] [Modified: 30-10-2025] [Analyzed] [V3.1 S3.9:LOW] A vulnerability was determined in Tomofun Furbo 360 and Furbo Mini. This impacts an unknown function of the component Trial Restriction Handler. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The attack is considered to have high complexity. The exploitability is said to be difficult. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-11642] [Modified: 29-10-2025] [Analyzed] [V3.1 S4.0:MEDIUM] A vulnerability was identified in Tomofun Furbo 360 and Furbo Mini. Affected is an unknown function of the component Registration Handler. Such manipulation leads to denial of service. The attack can be executed directly on the physical device. The attack requires a high level of complexity. The exploitability is told to be difficult. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-11643] [Modified: 29-10-2025] [Analyzed] [V3.1 S3.7:LOW] A security flaw has been discovered in Tomofun Furbo 360 and Furbo Mini. Affected by this vulnerability is an unknown functionality of the file /squashfs-root/furbo_img of the component MQTT Client Certificate. Performing manipulation results in hard-coded credentials. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitation appears to be difficult. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-11644] [Modified: 29-10-2025] [Analyzed] [V3.1 S2.0:LOW] A weakness has been identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is some unknown functionality of the component UART Interface. Executing manipulation can lead to insecure storage of sensitive information. The physical device can be targeted for the attack. This attack is characterized by high complexity. The exploitation is known to be difficult. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-11646] [Modified: 27-10-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A vulnerability was detected in Tomofun Furbo 360 and Furbo Mini. This vulnerability affects unknown code of the component GATT Service. The manipulation results in improper access controls. The attack can only be performed from the local network. The exploit is now public and may be used. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-11647] [Modified: 28-10-2025] [Analyzed] [V3.1 S3.1:LOW] A flaw has been found in Tomofun Furbo 360 and Furbo Mini. This issue affects some unknown processing of the component GATT Service. This manipulation of the argument DeviceToken causes information disclosure. The attack is only possible within the local network. A high degree of complexity is needed for the attack. The exploitability is assessed as difficult. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-11648] [Modified: 28-10-2025] [Analyzed] [V3.1 S5.6:MEDIUM] A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. Impacted is an unknown function of the file TF_FQDN.json of the component GATT Interface URL Handler. Such manipulation leads to server-side request forgery. The attack may be performed from remote. Attacks of this nature are highly complex. The exploitability is considered difficult. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-11649] [Modified: 28-10-2025] [Analyzed] [V3.1 S7.0:HIGH] A vulnerability was found in Tomofun Furbo 360 and Furbo Mini. The affected element is an unknown function of the component Root Account Handler. Performing manipulation results in use of hard-coded password. The attack must be initiated from a local position. The attack is considered to have high complexity. The exploitability is described as difficult. The exploit has been made public and could be used. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-11650] [Modified: 28-10-2025] [Analyzed] [V3.1 S1.8:LOW] A vulnerability was determined in Tomofun Furbo 360 and Furbo Mini. The impacted element is an unknown function of the file /etc/shadow of the component Password Handler. Executing manipulation can lead to use of weak hash. The physical device can be targeted for the attack. The attack requires a high level of complexity. The exploitability is regarded as difficult. The exploit has been publicly disclosed and may be utilized. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-11651] [Modified: 08-01-2026] [Analyzed] [V3.1 S8.8:HIGH] A vulnerability has been found in UTT 进取 518G up to V3v3.2.7-210919-161313. This vulnerability affects the function sub_4247AC of the file /goform/formRemoteControl. The manipulation of the argument Profile leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-11652] [Modified: 08-01-2026] [Analyzed] [V3.1 S8.8:HIGH] A vulnerability was found in UTT 进取 518G up to V3v3.2.7-210919-161313. This issue affects some unknown processing of the file /goform/formTaskEdit_ap. The manipulation of the argument txtMin2 results in buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-36087] [Modified: 20-10-2025] [Analyzed] [V3.1 S8.1:HIGH] IBM Security Verify Access 10.0.0 through 10.0.9, 11.0.0, IBM Verify Identity Access Container 10.0.0 through 10.0.9, and 11.0.0, under certain configurations, contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

[CVE-2025-11656] [Modified: 16-10-2025] [Analyzed] [V3.1 S7.3:HIGH] A weakness has been identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This affects an unknown function of the file /assets/editNotes.php. Executing manipulation of the argument File can lead to unrestricted upload. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

[CVE-2025-11657] [Modified: 16-10-2025] [Analyzed] [V3.1 S7.3:HIGH] A security vulnerability has been detected in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This impacts an unknown function of the file /assets/createNotice.php. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available.

[CVE-2025-11658] [Modified: 16-10-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was detected in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected is an unknown function of the file /assets/changeSllyabus.php. The manipulation of the argument File results in unrestricted upload. The attack may be launched remotely. The exploit is now public and may be used. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases.

[CVE-2025-11659] [Modified: 16-10-2025] [Analyzed] [V3.1 S7.3:HIGH] A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected by this vulnerability is an unknown functionality of the file /assets/uploadNotes.php. This manipulation of the argument File causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided.

[CVE-2025-11660] [Modified: 20-10-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected by this issue is some unknown functionality of the file /assets/uploadSllyabus.php. Such manipulation of the argument File leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable.

[CVE-2025-31996] [Modified: 21-10-2025] [Analyzed] [V3.1 S5.3:MEDIUM] HCL Unica Platform is affected by unprotected files due to improper access controls.  These files may contain sensitive information such as private or system information that can be exploited by attackers to compromise the application, infrastructure, or users.