CVE-2026-3840

A vulnerability in Kedro version 1.2.0 allows an attacker to exploit path traversal by providing a crafted version string. The getversionedpath method in kedro/io/core.py directly interpolates user-supplied version strings into filesystem paths without sanitization. This enables an attacker to...

Oracle Linux 10 : image-builder (ELSA-2026-3840)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-3840 advisory. 45-1.0.3 - Rebuilt to fix CVE-2025-61726, CVE-2025-61729, CVE-2025-68121 Tenable has extracted the preceding description block directly from the Oracl...

CVE-2013-3840

Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Web Services...

CVE-2025-3840

creationtimestamp| type| source ---|---|--- 2025-04-21 10:05:24+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12636 2025-04-21 12:54:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnd7jq6att2b 2025-04-21 13:58:19+00:00| seen| https://t.me/cvedetector/23435...

CVE-2025-3840 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

An improper neutralization of input vulnerability was identified in the End of Life EOL OVA based connect installer component which is deployed for installation purposes in a customer network. This EOL component was deprecated in September 2023 with end of support extended till January 2024. An...

Linux Distros Unpatched Vulnerability : CVE-2024-3840

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation restrictions via a...

Debian: Security Advisory (DLA-3840-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : opera (openSUSE-SU-2024:0156-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0156-1 advisory. Update to 110.0.5130.64 CHR-9748 Update Chromium on desktop-stable-124-5130 to 124.0.6367.243 DNA-116317 Create outline or shadow around emojis o...

openSUSE Security Advisory (openSUSE-SU-2024:0128-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2024-0150)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Chromium: CVE-2024-3840 Insufficient policy enforcement in Site Isolation

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2024-3840

Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-3840 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2024-3840 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2024-3840

CVE-2024-3840 affects Google Chrome/Chromium where insufficient policy enforcement in Site Isolation could allow a remote attacker to bypass navigation restrictions via a crafted HTML page. The issue is mitigated in Chrome/Chromium 124.0.6367.60 (and newer); Debian security advisory lists 124.0.6...

CVE-2024-3840

Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

Stable Channel Update for Desktop

The Stable channel has been updated to 124.0.6367.60/.61 for Windows and Mac and 124.0.6367.60 to Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. The Extended Stable channel has been updated to 124.0.6367.60/.61 for Windows and M...

openSUSE: Security Advisory for go1.20 (SUSE-SU-2023:3840-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 7 : libvirt (ELSA-2019-2294)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-2294 advisory. - api: disallow virDomainSaveImageGetXMLDesc on read-only connections CVE-2019-10161 - api: disallow virDomainManagedSaveDefineXML on read-only connections...

CVE-2023-3840

creationtimestamp| type| source ---|---|--- 2023-07-23 07:24:58+00:00| seen| https://t.me/cibsecurity/67125...