113 matches found

EUVD
added 2026/01/20 4:14 a.m. | 2 views

EUVD-2026-3475

Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an attacker who obtained a network log file to potentially obtain potentially sensitive information via a network log file. Chromium security severity: Medium...

CVSS 9.8 | AI score 5.2 | EPSS 0.00042
Exploits: 0 | References: 3

RedhatCVE
added 2025/05/23 7:54 a.m. | 6 views

CVE-2024-3475

The Sticky Buttons WordPress plugin before 3.2.4 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting buttons via CSRF attacks...

CVSS 7.5 | AI score 6.8 | EPSS 0.00146
Exploits: 2 | References: 1

RedhatCVE
added 2025/05/22 12:08 a.m. | 8 views

CVE-2009-3475

Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and 2.x before 2.2.1, when using PKIX trust validation, does not properly handle a '\0' character in the subject or subjectAltName fields of a certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL...

CVSS 7.5 | AI score 5.9 | EPSS 0.01855
Exploits: 4 | References: 1

RedhatCVE
added 2025/04/11 8:00 p.m. | 21 views

CVE-2025-3475

Allocation of Resources Without Limits or Throttling, Incorrect Authorization vulnerability in Drupal WEB-T allows Excessive Allocation, Content Spoofing. This issue affects WEB-T: from 0.0.0 before 1.1.0...

CVSS 6.5 | AI score 7 | EPSS 0.00237
Exploits: 0 | References: 3

NVD
added 2025/04/09 6:15 p.m. | 19 views

CVE-2025-3475

Allocation of Resources Without Limits or Throttling, Incorrect Authorization vulnerability in Drupal WEB-T allows Excessive Allocation, Content Spoofing. This issue affects WEB-T: from 0.0.0 before 1.1.0...

CVSS 6.5 | EPSS 0.00237
Exploits: 0 | References: 1

Vulnrichment
added 2025/04/09 5:46 p.m. | 15 views

CVE-2025-3475 WEB-T - Moderately critical - Access bypass, Denial of service - SA-CONTRIB-2025-030

Allocation of Resources Without Limits or Throttling, Incorrect Authorization vulnerability in Drupal WEB-T allows Excessive Allocation, Content Spoofing. This issue affects WEB-T: from 0.0.0 before 1.1.0...

AI score 6.7 | EPSS 0.00237
Exploits: 0 | References: 1

Cvelist
added 2025/04/09 5:46 p.m. | 15 views

CVE-2025-3475 WEB-T - Moderately critical - Access bypass, Denial of service - SA-CONTRIB-2025-030

Allocation of Resources Without Limits or Throttling, Incorrect Authorization vulnerability in Drupal WEB-T allows Excessive Allocation, Content Spoofing. This issue affects WEB-T: from 0.0.0 before 1.1.0...

EPSS 0.00237
Exploits: 0 | References: 1

CVE
added 2025/04/09 5:46 p.m. | 57 views

CVE-2025-3475

CVE-2025-3475 concerns the Drupal WEB-T module with an issue described as Allocation of Resources Without Limits or Throttling and Incorrect Authorization, enabling Excessive Allocation and Content Spoofing. Affected are WEB-T versions 0.0.0 through 1.1.0, where the root cause is unbounded resour...

CVSS 6.5 | AI score 6.7 | EPSS 0.00237
Exploits: 0 | References: 1 | Affected Software: 1

Tenable Nessus
added 2025/03/05 12:00 a.m. | 12 views

Linux Distros Unpatched Vulnerability : CVE-2021-3475

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow,...

CVSS 5.3 | AI score 6.7 | EPSS 0.01016
Exploits: 0 | References: 2

OSV
added 2024/05/02 6:15 a.m. | 1 views

CVE-2024-3475

The Sticky Buttons WordPress plugin before 3.2.4 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting buttons via CSRF attacks...

CVSS 7.5 | AI score 5.8 | EPSS 0.00146
Exploits: 2 | References: 1

Vulnrichment
added 2024/05/02 6:00 a.m. | 9 views

CVE-2024-3475 Sticky Buttons < 3.2.4 - Button Deletion via CSRF

The Sticky Buttons WordPress plugin before 3.2.4 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting buttons via CSRF attacks...

AI score 7.1 | EPSS 0.00146
Exploits: 2 | References: 1

CVE
added 2024/05/02 6:00 a.m. | 68 views

CVE-2024-3475

The CVE-2024-3475 issue concerns the Sticky Buttons WordPress plugin. Connected sources confirm that versions prior to 3.2.4 ship with missing CSRF checks on certain bulk actions, enabling an attacker with admin privileges to cause logged-in admins to perform unwanted actions (e.g., deleting butt...

CVSS 7.5 | AI score 6.7 | EPSS 0.00146
Exploits: 2 | References: 1 | Affected Software: 1

Cvelist
added 2024/05/02 6:00 a.m. | 11 views

CVE-2024-3475 Sticky Buttons < 3.2.4 - Button Deletion via CSRF

The Sticky Buttons WordPress plugin before 3.2.4 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting buttons via CSRF attacks...

AI score 6.7 | EPSS 0.00146
Exploits: 2 | References: 1

Patchstack
added 2024/05/02 12:00 a.m. | 6 views

WordPress Sticky Buttons Plugin < 3.2.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software: Sticky Buttons | Type: Plugin | Vulnerable versions: 3.2.4 | Fixed in: 3.2.4 | OWASP Top 10: A5: Broken Access Control | Classification: Cross Site Request Forgery (CSRF) | CVE: CVE-2024-3475 | Patch priority: Low | CVSS severity: Low (5.4) | Developer: Claim ownership | PSID: c9f456e279d5 | Credits: Bob Matyas | Required...

AI score 6.6 | EPSS 0.00146
Exploits: 2 | References: 4 | Affected Software: 1

Circl
added 2023/06/30 12:15 p.m. | 0 views

CVE-2023-3475

creationtimestamp | type | source
---|---|---
2023-06-30 12:15:04+00:00 | seen | https://t.me/cibsecurity/65776...

CVSS 6.1 | AI score 4.7 | EPSS 0.00075
Exploits: 0 | References: 1

OSV
added 2023/06/30 7:15 a.m. | 1 views

CVE-2023-3475

A vulnerability was found in SimplePHPscripts Event Script 2.1 and classified as problematic. Affected by this issue is some unknown functionality of the file preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. I...

CVSS 6.1 | AI score 3.8 | EPSS 0.00075
Exploits: 0 | References: 2

CVE
added 2023/06/30 7:00 a.m. | 33 views

CVE-2023-3475

CVE-2023-3475 affects SimplePHPscripts Event Script 2.1. The vulnerability exists in the URL Parameter Handler’s preview.php, enabling cross-site scripting via remote attack. Affected functionality is described as unknown in detail, with impact limited to confidentiality/integrity concerns as per...

CVSS 6.1 | AI score 4.8 | EPSS 0.00075
Exploits: 0 | References: 2 | Affected Software: 1

SUSE CVE
added 2023/02/15 6:11 a.m. | 0 views

SUSE CVE-2007-3475

The GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash via a GIF image that has no global color map...

CVSS 4.3 | AI score 6.9 | EPSS 0.1443
Exploits: 0 | References: 4

Tenable Nessus
added 2022/12/19 12:00 a.m. | 40 views

Debian dla-3236 : libopenexr-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3236 advisory. Debian LTS Advisory DLA-3236-1 [email protected]...

CVSS 7.5 | AI score 6.5 | EPSS 0.01029
Exploits: 5 | References: 46

Debian
added 2022/12/11 11:52 p.m. | 62 views

[SECURITY] [DLA 3236-1] openexr security update

Debian LTS Advisory DLA-3236-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany December 12, 2022 https://wiki.debian.org/LTS Package : openexr Version : 2.2.1-4.1+deb10u2 CVE ID : CVE-2020-16587 CVE-2020-16588 CVE-2020-16589 CVE-2021-3474 CVE-2021-3475 CVE-2021-34...

CVSS 7.5 | AI score 6.3 | EPSS 0.01029
Exploits: 5