Fedora 44 : chromium (2026-b7b02bebba)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b7b02bebba advisory. Update to 145.0.7632.159 CVE-2026-3536: Integer overflow in ANGLE CVE-2026-3537: Object lifecycle issue in PowerVR CVE-2026-3538: Integer overflow i...

Chromium: CVE-2026-3540 Inappropriate implementation in WebAudio

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Linux Distros Unpatched Vulnerability : CVE-2026-3540

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in WebAudio in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform out of bounds memory access via a crafted...

CVE-2026-3540

creationtimestamp| type| source ---|---|--- 2026-03-04 19:53:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgb2qonwes2u 2026-03-05 14:15:27+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mgcycra7ak26 2026-03-05 14:49:12+00:00| seen|...

MiracleLinux 7 : rh-nodejs8-nodejs-8.11.4-1.el7 (AXSA:2019-3540:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3540:01 advisory. nodejs: Out of bounds OOB write via UCS-2 encoding CVE-2018-12115 Tenable has extracted the preceding description block directly from the MiracleLin...

CVE-2024-3540

A vulnerability was found in Campcodes Church Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/addsundaysch.php. The manipulation of the argument Gender leads to sql injection. The attack may be launched remotely. The...

CVE-2022-3540

An issue has been discovered in hunter2 affecting all versions before 2.1.0. Improper handling of auto-completion input allows an authenticated attacker to extract other users email addresses...

CVE-2013-3540

Cross-site request forgery CSRF vulnerability in cgi-bin/admin/usrgrp.cgi in AirLive POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, POE100HD, and possibly other camera models allows remote attackers to hijack the authentication of administrators for requests that add users...

CVE-2009-3540

Cross-site scripting XSS vulnerability in listads.php in YourFreeWorld Ultra Classifieds Pro allows remote attackers to inject arbitrary web script or HTML via the cn parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2025-3540

creationtimestamp| type| source ---|---|--- 2025-04-13 22:53:21+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11567 2025-04-14 00:48:25+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114333561958185836 2025-04-14 01:31:07+00:00|...

CVE-2025-3540 H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 HTTP POST Request getCapability FCGI_WizardProtoProcess command injection

A vulnerability classified as critical was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400 and Magic R3010 up to V100R014. Affected by this vulnerability is the function FCGIWizardProtoProcess of the file /api/wizard/getCapability of the component HTTP POST Request Handler. The manipulation...

openSUSE Security Advisory (SUSE-SU-2024:3540-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 9 : OpenShift Container Platform 4.13.3 (RHSA-2023:3540)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3540 advisory. Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built fr...

RHEL 6 : python-django-horizon (RHSA-2012:1380)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:1380 advisory. Horizon is the OpenStack Dashboard http://www.openstack.org, a web interface for managing OpenStack services. An open redirect flaw was found in the...

3540.jp Improper Access Control vulnerability OBB-3843387

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2023-3540

creationtimestamp| type| source ---|---|--- 2023-07-07 18:24:52+00:00| seen| https://t.me/cibsecurity/66195...

CVE-2023-3540

The CVE-2023-3540 entry concerns SimplePHPscripts NewsLetter Script PHP 2.4. The vulnerability lies in the URL Parameter Handler’s /preview.php file, where an input parameter can be manipulated to trigger cross-site scripting. Attacks can be launched remotely. Affected component/function: /previe...

CVE-2022-3540

creationtimestamp| type| source ---|---|--- 2022-10-17 20:13:12+00:00| seen| https://t.me/cibsecurity/51601...

CVE-2022-3540

An issue has been discovered in hunter2 affecting all versions before 2.1.0. Improper handling of auto-completion input allows an authenticated attacker to extract other users email addresses...

CVE-2022-3540

CVE-2022-3540 affects hunter2 prior to version 2.1.0. The issue is improper handling of auto-completion input, enabling an authenticated attacker to extract other users’ email addresses. Connected sources consistently describe the same vulnerability and version floor; no exploitation details are ...