fweno.onefour.com.br

Current Conditions
São Paulo
céu limpo

25 ℃
48%
Temperatura
Umidade
Fonte: OpenWeatherMap. - 14:30:01
  1. [USD] USD 64,517.29
  1. [BRL] BRL 332,509.19 [USD] USD 64,517.29 [GBP] GBP 48,711.00 [EUR] EUR 56,436.17
    Price index provided by blockchain.info.
  2. After Bitcoin Core 0.14.0 and before Bitcoin Core 29.0, validating a specially-crafted block may cause the node to access previously freed memory.
    During validation, necessary data required for checking inputs for each transaction is pre-calculated and cached. For specially crafted invalid blocks, it was possible for this data to be destroyed while it was still being accessed by a background validation thread. An attacker capable of mining a block with sufficient proof-of-work could have exploited this to crash victim nodes. Because of the nature of use-after-free bugs, it is possible that the crash could have been used for remote code execution, though constraints on the input (block) data make this unlikely.
    This issue is considered High severity.

    Details

    By default, script validation for new blocks is dispatched to background threads via a vector of CScriptCheck functors. Each CScriptCheck holds a pointer to a PrecomputedTransactionData object which stores some data needed by each input in the transaction. Because it stores a pointer and not the data itself, care must be taken to ensure that the PrecomputedTransactionData outlives the CScriptCheck.
    The script checks lifetime is enforced by an RAII class, CCheckQueueControl. However, the control is intantiated before the precomputed transaction data. Because local objects in C++ are destructed in reverse order of construction, this means the vector of PrecomputedTransactionData is destroyed before the CCheckQueueControl.
    This is not an issue when the block is valid, as CCheckQueueControl::Wait() will be called before the function returns and the PrecomputedTransactionData gets destroyed. However, in case of an early return (when a separate check fails) a background script thread may read the precomputed transaction data after it was destroyed. An attacker could exploit this to crash victim nodes at the expense of a valid PoW at tip.

    Attribution

    Cory Fields (MIT DCI) discovered this vulnerability and responsibly disclosed it in a detailed report containing a proof of concept for reproduction and a proposed mitigation.

    Timeline

    • 2024-11-02 Cory Fields privately reports the bug
    • 2024-11-06 Pieter Wuille pushes a covert fix to already open PR #31112 which works around the issue by removing the early returns
    • 2024-12-03 PR #31112 is merged
    • 2025-04-12 Bitcoin Core version 29.0 is released with a fix
    • 2026-04-19 The last vulnerable Bitcoin Core version (28.x) goes end of life
    • 2026-05-05 Public disclosure.

dog - 14:59:52 up 275 days, 23:31, 5 users, load average: 0.00, 0.00, 0.00

Google News

[22/06/2026 11:32] Primeiro-ministro do Reino Unido, Keir Starmer, renuncia ao cargo - BBC

[22/06/2026 05:01] 'Todos envolvidos no escândalo Master terão que se explicar', diz presidente do PT - Valor Econômico

[22/06/2026 00:21] Direita prepara terreno para superar esquerda na América do Sul - Poder360

[22/06/2026 09:10] Cubanos superaram venezuelanos em pedidos de refúgio no Brasil em 2025 - G1

[22/06/2026 10:07] Criança de 7 anos morre após ser baleada na cabeça em Nova Iguaçu - G1

[22/06/2026 12:10] Ipsos-Ipec: 38% avaliam governo Lula como ruim ou péssimo, 32% como ótimo ou bom e 28% como regular - G1

[22/06/2026 14:15] Governo nomeia "Fulano" e "Cicrano de tal" como assistentes do GSI de Lula - CNN Brasil

[22/06/2026 11:13] Flávio comemora vitória de Arthur Henrique em Roraima - Poder360

[22/06/2026 08:48] Defesa de Bolsonaro pede a Moraes mais tempo para reuniões antes de depoimento - Revista Oeste

[22/06/2026 08:04] Entenda como esquema internacional usava madeira para esconder cocaína; carga pode ser a maior da história do Brasil - G1

NVD Feed

[CVE-2026-2945] [Modified: 17-06-2026] [Analyzed] [V3.1 S6.3:MEDIUM] A weakness has been identified in JeecgBoot 3.9.0. Affected by this vulnerability is an unknown functionality of the file /sys/common/uploadImgByHttp. Executing a manipulation of the argument fileUrl can lead to server-side request forgery. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-2946] [Modified: 17-06-2026] [Analyzed] [V3.1 S3.5:LOW] A security vulnerability has been detected in rymcu forest up to 0.0.5. Affected by this issue is the function XssUtils.replaceHtmlCode of the file src/main/java/com/rymcu/forest/util/XssUtils.java of the component Article Content/Comments/Portfolio. The manipulation leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-2947] [Modified: 17-06-2026] [Analyzed] [V3.1 S3.5:LOW] A vulnerability was detected in rymcu forest up to 0.0.5. This affects the function updateUserInfo of the file - src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java of the component User Profile Handler. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-2952] [Modified: 17-06-2026] [Analyzed] [V3.1 S7.3:HIGH] A flaw has been found in Vaelsys 4.1.0. This vulnerability affects unknown code of the file /tree/tree_server.php of the component HTTP POST Request Handler. This manipulation of the argument xajaxargs causes os command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-2953] [Modified: 17-06-2026] [Analyzed] [V3.1 S5.4:MEDIUM] A vulnerability has been found in Dromara UJCMS 101.2. This issue affects the function deleteDirectory of the file WebFileTemplateController.delete of the component Template Handler. Such manipulation leads to path traversal. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2019-25461] [Modified: 17-06-2026] [Analyzed] [V3.1 S7.5:HIGH] Web Ofisi Platinum E-Ticaret v5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send POST requests to the ajax/productsFilterSearch endpoint with malicious 'q' values using time-based blind SQL injection techniques to extract sensitive database information.

[CVE-2026-2954] [Modified: 17-06-2026] [Analyzed] [V3.1 S6.3:MEDIUM] A vulnerability was found in Dromara UJCMS 10.0.2. Impacted is the function importChanel of the file /api/backend/ext/import-data/import-channel of the component ImportDataController. Performing a manipulation of the argument driverClassName/url results in injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-2956] [Modified: 17-06-2026] [Analyzed] [V3.1 S6.3:MEDIUM] A security flaw has been discovered in qinming99 dst-admin up to 1.5.0. This affects the function revertBackup of the file /home/restore. The manipulation of the argument Name results in command injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-2957] [Modified: 17-06-2026] [Analyzed] [V3.1 S5.4:MEDIUM] A weakness has been identified in qinming99 dst-admin up to 1.5.0. This impacts the function deleteBackup of the file src/main/java/com/tugos/dst/admin/controller/BackupController.java of the component File Handler. This manipulation causes denial of service. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-2588] [Modified: 17-06-2026] [Analyzed] [V3.1 S9.1:CRITICAL] Crypt::NaCl::Sodium versions through 2.001 for Perl has an integer overflow flaw on 32-bit systems. Sodium.xs casts a STRLEN (size_t) to unsigned long long when passing a length pointer to libsodium functions. On 32-bit systems size_t is typically 32-bits while an unsigned long long is at least 64-bits.

[CVE-2026-2958] [Modified: 17-06-2026] [Analyzed] [V3.1 S8.8:HIGH] A security vulnerability has been detected in D-Link DWR-M960 1.01.07. Affected is the function sub_457C5C of the file /boafrm/formWsc. Such manipulation of the argument save_apply leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

[CVE-2026-2959] [Modified: 17-06-2026] [Analyzed] [V3.1 S8.8:HIGH] A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub_44E0F8 of the file /boafrm/formNewSchedule. Performing a manipulation of the argument url results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used.

[CVE-2026-2960] [Modified: 17-06-2026] [Analyzed] [V3.1 S8.8:HIGH] A flaw has been found in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_468D64 of the file /boafrm/formDhcpv6s. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and may be used.

[CVE-2026-2961] [Modified: 17-06-2026] [Analyzed] [V3.1 S8.8:HIGH] A vulnerability has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4196C4 of the file /boafrm/formVpnConfigSetup of the component VPN Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.

[CVE-2026-2962] [Modified: 17-06-2026] [Analyzed] [V3.1 S8.8:HIGH] A vulnerability was found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_460F30 of the file /boafrm/formDateReboot of the component Scheduled Reboot Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used.

[CVE-2026-2964] [Modified: 17-06-2026] [Analyzed] [V3.1 S5.0:MEDIUM] A vulnerability was identified in higuma web-audio-recorder-js 0.1/0.1.1. Impacted is the function extend in the library lib/WebAudioRecorder.js of the component Dynamic Config Handling. Such manipulation leads to improperly controlled modification of object prototype attributes. It is possible to launch the attack remotely. Attacks of this nature are highly complex. The exploitability is considered difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-2966] [Modified: 17-06-2026] [Analyzed] [V3.1 S3.7:LOW] A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mg_sendnsreq of the file /src/dns.c of the component DNS Transaction ID Handler. Executing a manipulation of the argument random can lead to insufficiently random values. The attack can be launched remotely. The attack requires a high level of complexity. The exploitability is regarded as difficult. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-2967] [Modified: 17-06-2026] [Analyzed] [V3.1 S3.7:LOW] A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/net_builtin.c of the component TCP Sequence Number Handler. The manipulation leads to improper verification of source of a communication channel. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitability is reported as difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-2968] [Modified: 17-06-2026] [Analyzed] [V3.1 S3.7:LOW] A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mg_chacha20_poly1305_decrypt of the file /src/tls_chacha20.c of the component Poly1305 Authentication Tag Handler. The manipulation results in improper verification of cryptographic signature. The attack may be launched remotely. This attack is characterized by high complexity. The exploitability is said to be difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2026-2969] [Modified: 17-06-2026] [Analyzed] [V3.1 S4.7:MEDIUM] A flaw has been found in datapizza-labs datapizza-ai 0.0.2. Affected is the function ChatPromptTemplate of the file datapizza-ai-core/datapizza/modules/prompt/prompt.py of the component Jinja2 Template Handler. This manipulation of the argument Prompt causes improper neutralization of special elements used in a template engine. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

 
Amazon AWS httpd php.net Lets Encrypt Bootstrap