CVE-2026-3557

Philips Hue Bridge happairverifyhandler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Although authentication is required to exploit th...

CVE-2026-3557

creationtimestamp| type| source ---|---|--- 2026-03-06 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-26-155/ 2026-04-28 04:37:08+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mkjr6dy6tz2w...

Linux Distros Unpatched Vulnerability : CVE-2019-3557

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The implementations of streams for bz2 and php://output improperly implemented their readImpl functions, returning -1 consistently. This behavior caused some...

CVE-2025-3557

A vulnerability, which was classified as problematic, has been found in ScriptAndTools eCommerce-website-in-PHP 3.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to t...

CVE-2025-3557

creationtimestamp| type| source ---|---|--- 2025-04-14 08:55:50+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11590 2025-04-14 13:00:06+00:00| seen| https://t.me/cvedetector/22839...

CVE-2025-3557

A vulnerability, which was classified as problematic, has been found in ScriptAndTools eCommerce-website-in-PHP 3.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to t...

CVE-2025-3557

A vulnerability, which was classified as problematic, has been found in ScriptAndTools eCommerce-website-in-PHP 3.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to t...

CVE-2025-3557 ScriptAndTools eCommerce-website-in-PHP cross-site request forgery

A vulnerability, which was classified as problematic, has been found in ScriptAndTools eCommerce-website-in-PHP 3.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to t...

CVE-2025-3557

ScriptAndTools eCommerce-website-in-PHP 3.0 is affected by a cross-site request forgery (CSRF) vulnerability impacting unknown functionality. The issue can be triggered remotely and multiple endpoints are affected. Public exploit information is noted, and the vendor has not responded to disclosur...

CVE-2025-3557 ScriptAndTools eCommerce-website-in-PHP cross-site request forgery

A vulnerability, which was classified as problematic, has been found in ScriptAndTools eCommerce-website-in-PHP 3.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to t...

CVE-2024-3557

creationtimestamp| type| source ---|---|--- 2025-02-14 10:03:09+00:00| seen| Telegram/fSZn6TJ0ciHM6WhwpAI7aOwff70ktiAKBEsjwfVXWWtYPY...

CVE-2024-3557

The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpgmza shortcode in all versions up to, and including, 9.0.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...

WordPress WP Go Maps Plugin <= 9.0.36 is vulnerable to Cross Site Scripting (XSS)

Software WP Go Maps Type Plugin Vulnerable versions = 9.0.36 Fixed in 9.0.37 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3557 Patch priority Low CVSS severity Low 6.5 Developer WP Go Maps PSID 5d4346327305 Credits Thanh Nam Tran Required privileg...

CVE-2024-4631

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-3557. Reason: This candidate was issued in error and is a duplicate. Please use CVE-2024-3557 instead. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage...

RHEL 9 : openshift-gitops-kam (RHSA-2023:3557)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3557 advisory. OpenShift GitOps KAM OpenShift GitOps Kubernetes Application Manager CLI tool Security Fixes: go-restful: Authorization Bypass Through User-Controlle...

CVE-2024-3556

Rejected reason: Duplicate of CVE-2024-3557...

openSUSE: Security Advisory for rekor (SUSE-SU-2023:3557-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : rekor (SUSE-SU-2023:3557-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2023:3557-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable,...

CVE-2023-3557

CVE-2023-3557 affects GZ Scripts Property Listing Script 1.0. A cross-site scripting vulnerability arises from manipulating the /preview.php argument page/layout/sort_by, with remote exploitation potential. Multiple sources confirm this issue but do not provide a fix in the initial record. Remedi...

SUSE CVE-2010-3557

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...