98 matches found
MINI-23QP-7CPW-3559
Bulletin has no description...
CVE-2026-3559
Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The specific...
CVE-2026-3559
| creationtimestamp | type | source |
|---|---|---|
| 2026-03-06 05:00:00+00:00 | seen | http://www.zerodayinitiative.com/advisories/ZDI-26-157/ |
| 2026-04-28 03:37:08+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mkjnt2kdo42q... |
CGA-3559-P37G-MP33
Bulletin has no description...
Linux Distros Unpatched Vulnerability : CVE-2019-3559
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Java Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short...
CVE-2023-3559
A vulnerability classified as problematic was found in GZ Scripts PHP GZ Appointment Scheduling Script 1.8. Affected by this vulnerability is an unknown functionality of the file /load.php. The manipulation of the argument firstname/secondname/phone/address1/country leads to cross site scripting...
CVE-2025-3559 ghostxbh uzy-ssm-mall 20 ForeProductListController sql injection
A vulnerability has been found in ghostxbh uzy-ssm-mall 1.0.0 and classified as critical. This vulnerability affects the function ForeProductListController of the file /mall/product/0/20. The manipulation of the argument orderBy leads to sql injection. The attack can be initiated remotely. The...
OESA-2024-1927 exim security update
Exim is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...
CVE-2024-3559
CVE-2024-3559 describes a Stored Cross-Site Scripting (XSS) in the WordPress plugin Custom Field Suite up to version 2.6.7, due to insufficient input sanitization and output escaping on the cfs[post_content] parameter. Exploitation requires authenticated access at contributor level or higher, and...
CVE-2024-3559 Custom Field Suite <= 2.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via cfs[post_content]
The Custom Field Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'cfs[post_content]' parameter in versions up to, and including, 2.6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-lev...
CGA-2M35-3559-436H
Bulletin has no description...
openSUSE Security Advisory (openSUSE-SU-2024:0007-1)
The remote host is missing an update for the...
CLSA-2023-1699908687 exim: Fix of CVE-2022-3559
CVE-2022-3559: Fix $regex use-after-free...
CVE-2023-3559
| creationtimestamp | type | source |
|---|---|---|
| 2023-07-10 20:23:55+00:00 | seen | https://t.me/cibsecurity/66252... |
CVE-2023-3559
CVE-2023-3559 affects GZ Scripts PHP GZ Appointment Scheduling Script 1.8. The vulnerability is in the /load.php endpoint, where manipulating parameters first_name, second_name, phone, address_1, or country enables cross-site scripting. Attacks can be launched remotely. Public references (VDB-233...
Oracle Linux 9 : c-ares (ELSA-2023-3559)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-3559 advisory. 1.17.1-5.1 - Resolves: rhbz2209519 - CVE-2023-32067 c-ares: 0-byte UDP payload Denial of Service rhel-9.2.0.z Tenable has extracted the preceding description...
RHEL 9 : c-ares (RHSA-2023:3559)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3559 advisory. The c-ares C library defines asynchronous DNS (Domain Name System) requests and provides a name resolving API. Security Fixes: c-ares: 0-byte UDP payload...
SUSE CVE-2017-3559
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.0.38 and Prior to 5.1.20. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM...