CVE-2026-3556

Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The...

CVE-2026-3556

creationtimestamp| type| source ---|---|--- 2026-03-06 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-26-154/ 2026-04-27 22:37:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mkj52ldm2d2s...

Linux Distros Unpatched Vulnerability : CVE-2019-3556

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HHVM supports the use of an admin server which accepts administrative requests over HTTP. One of those request handlers, dump-pcre-cache, can be used to output...

CVE-2011-3556 vulnerabilities

Vulnerabilities for packages: openjdk-17-openj9, openjdk-11-openj9, openjdk-21-openj9, openjdk-8-openj9...

CVE-2023-3556

A vulnerability was found in GZ Scripts Car Listing Script PHP 1.8. It has been declared as problematic. This vulnerability affects unknown code of the file /preview.php. The manipulation of the argument page/sortby leads to cross site scripting. The attack can be initiated remotely. VDB-233350 i...

CVE-2022-3556

The Cab fare calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the vehicle title setting in versions up to, and including, 1.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative...

CVE-2019-3556

HHVM supports the use of an "admin" server which accepts administrative requests over HTTP. One of those request handlers, dump-pcre-cache, can be used to output cached regular expressions from the current execution context into a file. The handler takes a parameter which specifies where on the...

CVE-2012-3556

Opera before 11.65 does not properly restrict the opening of a pop-up window in response to the first click of a double-click action, which makes it easier for user-assisted remote attackers to conduct cross-site scripting XSS attacks or execute arbitrary code via a crafted web site...

CVE-2025-3556

A vulnerability classified as problematic was found in ScriptAndTools eCommerce-website-in-PHP 3.0. Affected by this vulnerability is an unknown functionality of the file /admin/login.php. The manipulation leads to improper restriction of excessive authentication attempts. The attack can be...

CVE-2025-3556

A vulnerability classified as problematic was found in ScriptAndTools eCommerce-website-in-PHP 3.0. Affected by this vulnerability is an unknown functionality of the file /admin/login.php. The manipulation leads to improper restriction of excessive authentication attempts. The attack can be...

CVE-2025-3556

creationtimestamp| type| source ---|---|--- 2025-04-14 07:52:58+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11585 2025-04-14 12:59:44+00:00| seen| https://t.me/cvedetector/22838...

CVE-2025-3556 ScriptAndTools eCommerce-website-in-PHP login.php excessive authentication

A vulnerability classified as problematic was found in ScriptAndTools eCommerce-website-in-PHP 3.0. Affected by this vulnerability is an unknown functionality of the file /admin/login.php. The manipulation leads to improper restriction of excessive authentication attempts. The attack can be...

CVE-2025-3556

CVE-2025-3556 affects ScriptAndTools eCommerce-website-in-PHP 3.0. The vulnerability resides in an unknown functionality of /admin/login.php, where improper restriction of excessive authentication attempts can be exploited remotely. Documents consistently describe high attack complexity and high ...

CVE-2025-3556 ScriptAndTools eCommerce-website-in-PHP login.php excessive authentication

A vulnerability classified as problematic was found in ScriptAndTools eCommerce-website-in-PHP 3.0. Affected by this vulnerability is an unknown functionality of the file /admin/login.php. The manipulation leads to improper restriction of excessive authentication attempts. The attack can be...

RHEL 9 : firefox (RHSA-2025:3556)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3556 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

AlmaLinux 9 : firefox (ALSA-2025:3556)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:3556 advisory. firefox: thunderbird: URL Bar Spoofing via non-BMP Unicode characters CVE-2025-3029 firefox: thunderbird: Use-after-free triggered by XSLTProcessor...

Oracle Linux 9 : firefox (ELSA-2025-3556)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3556 advisory. 128.9.0-2.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red...

Linux Distros Unpatched Vulnerability : CVE-2011-3556

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.233...

CVE-2022-3556

creationtimestamp| type| source ---|---|--- 2024-09-05 13:50:24+00:00| seen| https://t.me/cvedetector/4902...

CVE-2022-3556 Cab fare calculator <= 1.1.6 - Authenticated (Admin+) Stored Cross-Site Scripting

The Cab fare calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the vehicle title setting in versions up to, and including, 1.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative...