17 matches found
CVE-2026-40034
creationtimestamp | type | source
---|---|---
2026-05-26 15:08:44+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmrbjkcv452o...
CVE-2026-40034 gitoxide - Command Injection via Partial .gitmodules Override in gix-submodule
gix-submodule before 0.29.0, gitoxide before 0.5.21, gix before 0.84.0 incorrectly validate the update field in .gitmodules, allowing attackers to bypass the CommandForbiddenInModulesConfiguration guard when a submodule has been initialized with only partial configuration in .git/config. An...
CVE-2023-40034
Woodpecker is a community fork of the Drone CI system. In affected versions an attacker can post malformed webhook data which leads to an update of the repository data that can e.g. allow the takeover of a repo. This is only critical if the CI is configured for public usage and connected to a for...
BELL-CVE-2025-40034 CVE-2025-40034 does not affect BellSoft software
Bulletin has no description...
CVE-2024-40034
creationtimestamp | type | source
---|---|---
2024-07-09 21:55:30+00:00 | seen | https://t.me/cvedetector/431...
CVE-2024-40034
CVE-2024-40034 : A Cross-Site Request Forgery (CSRF) vulnerability affects idccms v1.35, exploitable via the /admin/userLevel_deal.php?mudi=del endpoint. The issue enables unauthorized actions without authentication or with user interaction. CVSS v3.1 base metrics indicate high impact to confiden...
CVE-2024-40034
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userLevel_deal.php?mudi=del...
CVE-2023-40034
creationtimestamp | type | source
---|---|---
2023-08-17 00:36:45+00:00 | seen | https://t.me/cibsecurity/68692...
CVE-2023-40034 Repository takeover in woodpecker-ci
Woodpecker is a community fork of the Drone CI system. In affected versions an attacker can post malformed webhook data which leads to an update of the repository data that can e.g. allow the takeover of a repo. This is only critical if the CI is configured for public usage and connected to a for...
CVE-2023-40034
CVE-2023-40034 affects Woodpecker CI (community fork of Drone CI). The vulnerability: attackers can post malformed webhook data to trigger repository data updates, potentially allowing takeover of a repository when the CI is public and connected to a public forge. The issue is addressed in versio...
CVE-2022-40034
creationtimestamp | type | source
---|---|---
2023-01-24 00:25:10+00:00 | seen | https://t.me/cibsecurity/56871...
CVE-2022-40034
Cross-Site Scripting (XSS) vulnerability found in Rawchen blog-ssm v1.0 allows attackers to execute arbitrary code via the 'notifyInfo' parameter...
CVE-2022-40034
CVE-2022-40034 is an XSS vulnerability affecting Rawchen blog-ssm v1.0. The issue allows an attacker to execute arbitrary code via the notifyInfo parameter. Public sources consistently describe the vulnerability as XSS in Rawchen blog-ssm v1.0; the root cause is indicated as improper handling of ...
CVE-2021-40034
The video framework has a memory overwriting vulnerability caused by an addition overflow. Successful exploitation of this vulnerability may affect the availability...
CVE-2021-40034
CVE-2021-40034 affects the video framework in HarmonyOS; the root cause is an addition overflow that leads to memory overwrite. This vulnerability can impact availability if exploited. Public sources in the provided documents (NVD, CNNVD, etc.) describe the memory-overwrite issue without detailin...