90 matches found
RHCOS 4 : OpenShift Container Platform 4.1.24 runc (RHSA-2019:3940)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:3940 advisory. - runc: AppArmor/SELinux bypass with malicious image that specifies a volume at /proc CVE-2019-16884 Note that Nessus has not tested for this...
CVE-2026-3940 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-3940 vulnerabilities
Vulnerabilities for packages: chromium...
AlmaLinux 9 : nfs-utils (ALSA-2026:3940)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:3940 advisory. nfs-utils: rpc.mountd in the nfs-utils privilege escalation CVE-2025-12801 Tenable has extracted the preceding description block directly from the AlmaLinux securi...
Linux Distros Unpatched Vulnerability : CVE-2026-3940
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HT...
CVE-2026-3940
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2026-3940
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-3940
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in highwarden Super Logos Showcase superlogoshowcase-wp allows Reflected XSS. This issue affects Super Logos Showcase: from n/a through = 2.8...
CVE-2013-3940
creationtimestamp | type | source
---|---|---
2025-08-31 03:13:10+00:00 | seen | MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57...
CVE-2023-3940
Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to access any file on the system. This issue affects ZkTeco-based OEM devices ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others with the ZAM170-NF-1.8.25-7354-Ver1.0.0 and possibly others...
CVE-2025-3940
Improper Use of Validation Framework vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise...
CVE-2025-3940 Improper Use of Validation Framework
Improper Use of Validation Framework vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise...
CVE-2025-3940 Improper Use of Validation Framework
Improper Use of Validation Framework vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise...
CVE-2025-3940
CVE-2025-3940 is an Improper Use of Validation Framework vulnerability in Tridium Niagara Framework and Niagara Enterprise Security, allowing input data manipulation. Affected: Niagara Framework and Niagara Enterprise Security, versions before 4.14.2, 4.15.1, and 4.10.11. Exploitation details are...
ZKTeco Biometric System Found Vulnerable to 24 Critical Security Flaws
An analysis of a hybrid biometric access system from Chinese manufacturer ZKTeco has uncovered two dozen security flaws that could be used by attackers to defeat authentication, steal biometric data, and even deploy malicious backdoors. "By adding random user data to the database or using a fake ...
CVE-2023-3940
creationtimestamp | type | source
---|---|---
2024-06-12 15:10:04+00:00 | published-proof-of-concept | https://t.me/BlackHat0Hackers/52
2024-06-12 18:41:36+00:00 | published-proof-of-concept | https://t.me/ZeroEthicalCourse/441
2024-07-17 13:08:30+00:00 | seen | https://t.me/androidMalware/2248...
CVE-2023-3940
Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to access any file on the system. This issue affects ZkTeco-based OEM devices ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others with the ZAM170-NF-1.8.25-7354-Ver1.0.0 and possibly others...
CVE-2023-3940
CVE-2023-3940 involves a Relative Path Traversal affecting ZkTeco-based OEM devices (notably ZAM170-NF-1.8.25-7354-Ver1.0.0 on ProFace X and related Smartec models). Connected sources describe path traversal in relative path handling that can allow an attacker to access arbitrary files on the dev...
CVE-2023-3940 Multiple arbitrary file reads in ZkTeco-based OEM devices
Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to access any file on the system. This issue affects ZkTeco-based OEM devices ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others with the ZAM170-NF-1.8.25-7354-Ver1.0.0 and possibly others...
WordPress reCAPTCHA Jetpack Plugin <= 0.2.2 is vulnerable to Cross Site Request Forgery (CSRF)
Software: reCAPTCHA Jetpack; Type: Plugin; Vulnerable versions: <= 0.2.2; Fixed in: N/A; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-3940; Patch priority: Low; CVSS severity: Low (4.3); PSID: cb69d1ca95bb; Credits: Bob Matyas; Required...