CVE-2026-3406

creationtimestamp| type| source ---|---|--- 2026-03-02 04:18:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mg2fk2fohw2n 2026-03-03 23:40:09+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mg6wwo5uhk2l...

CVE-2026-3406 projectworlds Online Art Gallery Shop Registration registration.php sql injection

A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The manipulation of the argument fname results in sql injection. It is possible to launch the attack...

EUVD-2026-3406

Multiple reflected cross-site scripting xss vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This...

MiracleLinux 3 : glibc-2.5-81.4.0.1.AXS3 (AXSA:2012-695:04)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-695:04 advisory. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make...

SUSE CVE-2025-3406

A vulnerability was found in Nothings stb up to f056911. It has been classified as problematic. Affected is the function stbhwbuildtilesetfromimage of the component Header Array Handler. The manipulation of the argument w leads to out-of-bounds read. It is possible to launch the attack remotely...

CVE-2025-3406

A vulnerability was found in Nothings stb up to f056911. It has been classified as problematic. Affected is the function stbhwbuildtilesetfromimage of the component Header Array Handler. The manipulation of the argument w leads to out-of-bounds read. It is possible to launch the attack remotely...

CVE-2025-3406

A vulnerability was found in Nothings stb up to f056911. It has been classified as problematic. Affected is the function stbhwbuildtilesetfromimage of the component Header Array Handler. The manipulation of the argument w leads to out-of-bounds read. It is possible to launch the attack remotely...

CVE-2025-3406

A vulnerability was found in Nothings stb up to f056911. It has been classified as problematic. Affected is the function stbhwbuildtilesetfromimage of the component Header Array Handler. The manipulation of the argument w leads to out-of-bounds read. It is possible to launch the attack remotely...

CVE-2025-3406

creationtimestamp| type| source ---|---|--- 2025-04-08 03:45:54+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10824 2025-04-08 05:17:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmbpwolmtz2h 2025-04-08 08:08:03+00:00| seen| https://t.me/cvedetector/22387...

CVE-2025-3406 Nothings stb Header Array stbhw_build_tileset_from_image out-of-bounds

A vulnerability was found in Nothings stb up to f056911. It has been classified as problematic. Affected is the function stbhwbuildtilesetfromimage of the component Header Array Handler. The manipulation of the argument w leads to out-of-bounds read. It is possible to launch the attack remotely...

CVE-2025-3406

CVE-2025-3406 affects the Nothings stb library (up to f056911) with the vulnerable function stbhw_build_tileset_from_image in the Header Array Handler . The issue arises from manipulating the argument w , causing an out-of-bounds read. It is stated that the attack can be launched remotely. The re...

AlmaLinux 9 : python-jinja2 (ALSA-2025:3406)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:3406 advisory. jinja2: Jinja sandbox breakout through attr filter selecting format method CVE-2025-27516 Tenable has extracted the preceding description block directly from the...

Oracle Linux 9 : python-jinja2 (ELSA-2025-3406)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-3406 advisory. 2.11.3-8 - Security fix for CVE-2025-27516 Resolves: RHEL-85064 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Linux Distros Unpatched Vulnerability : CVE-2015-3406

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PGP signature parsing in Module::Signature before 0.74 allows remote attackers to cause the unsigned portion of a SIGNATURE file to be treated as the signed...

RHEL 7 : perl-module-signature (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perl-Module-Signature: unsigned files interpreted as signed in some circumstances CVE-2015-3406 -...

CVE-2024-3406

The WP Prayer WordPress plugin through 2.0.9 does not have CSRF check in place when updating its email settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-3406

CVE-2024-3406 affects WP Prayer WordPress plugin up to version 2.0.9 and older, lacking CSRF protection when updating email settings. This enables a logged-in admin to change settings via CSRF. CVSSv3.1 base score 8.8 (HIGH). Remediation noted across sources as updating to a version that adds a C...

CVE-2024-3406 WP Prayer <= 2.0.9 - Email Settings Update via CSRF

The WP Prayer WordPress plugin through 2.0.9 does not have CSRF check in place when updating its email settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

Malicious code in wlwz-2312-3406 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1a6aa2f660972eb5e66ff0b49dcdf78f5de23c1d6cf812b5c67d5443533298b6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-3406

creationtimestamp| type| source ---|---|--- 2023-08-25 12:17:07+00:00| seen| https://t.me/cibsecurity/69179...