302 matches found
RHCOS 4 : OpenShift Container Platform 4.7.19 (RHSA-2021:2555)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2555 advisory. - polkit: local privilege escalation using polkit_system_bus_name_get_creds_sync CVE-2021-3560 - dhcp: stack-based buffer overflow when...
CVE-2026-3560 Philips Hue Bridge HomeKit hk_hap_pair_storage_put Heap-based Buffer Overflow Remote Code Execution Vulnerability
Philips Hue Bridge HomeKit hk_hap_pair_storage_put Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this...
CVE-2026-3560
creationtimestamp| type| source
---|---|---
2026-03-06 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-26-158/
2026-05-31 14:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mn5qfwy5hx2x...
MiracleLinux 9 : pesign-115-6.el9.ML.1 (AXSA:2023-5201:02)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5201:02 advisory. pesign: Local privilege escalation on pesign systemd service CVE-2022-3560 Tenable has extracted the preceding description block directly from the MiracleLin...
MiracleLinux 8 : pesign-0.112-27.el8 (AXSA:2023-5253:04)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5253:04 advisory. pesign: Local privilege escalation on pesign systemd service CVE-2022-3560 Tenable has extracted the preceding description block directly from the MiracleLin...
MiracleLinux 8 : polkit-0.115-11.el8.1 (AXSA:2021-2198:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2198:01 advisory. polkit: local privilege escalation using polkit_system_bus_name_get_creds_sync CVE-2021-3560 Tenable has extracted the preceding description block directly from th...
MiracleLinux 4 : samba4-4.0.0-63.AXS4.rc4 (AXSA:2014-483:02)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-483:02 advisory. Description : Samba is the standard Windows interoperability suite of programs for Linux and Unix. Security issues fixed with this release: CVE-2014-3560...
MiracleLinux 3 : expat-1.95.8-8.3AXS3.2 (AXSA:2009-431:01)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-431:01 advisory. This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers wi...
Exploit for Incorrect Authorization in Polkit_Project Polkit
CVE-2021-3560Pol...
TencentOS Server 2: pesign (TSSA-2023:0033)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0033 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
TencentOS Server 3: pesign (TSSA-2023:0039)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0039 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
CVE-2023-3560
A vulnerability, which was classified as problematic, has been found in GZ Scripts Ticket Booking Script 1.8. Affected by this issue is some unknown functionality of the file /load.php. The manipulation of the argument firstname/secondname/phone/address1/country leads to cross site scripting. The...
CVE-2012-3560
Opera before 11.65 does not ensure that the address field corresponds to the displayed web page during blocked navigation, which makes it easier for remote attackers to conduct spoofing attacks by detecting and preventing attempts to load a different web page...
CVE-2019-3560
An improperly performed length calculation on a buffer in PlaintextRecordLayer could lead to an infinite loop and denial-of-service based on user input. This issue affected versions of fizz prior to v2019.03.04.00...
Alibaba Cloud Linux 3 : 0035: polkit (ALINUX3-SA-2021:0035)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0035 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-3560: RESERVED This candidate has been...
Security Bulletin: IBM Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.9
Summary Apache Portable Runtime, The Expat XML Parser and DOORS Web Access are identified as vulnerable components with multiple reported vulnerabilities. The IBM Engineering Requirements Management DOORS/DWA product version 9.7.2.8 is vulnerable to the below mentioned CVEs. Remediation actions a...
CVE-2025-3560
A vulnerability was found in ghostxbh uzy-ssm-mall 1.0.0 and classified as problematic. This issue affects some unknown processing of the file /product. The manipulation of the argument product_name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed...
CVE-2025-3560
creationtimestamp| type| source
---|---|---
2025-04-14 09:53:05+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11592
2025-04-14 14:40:25+00:00| seen| https://t.me/cvedetector/22845...
CVE-2025-3560
The CVE-2025-3560 entry concerns ghostxbh uzy-ssm-mall 1.0.0. The issue is a cross-site scripting (XSS) vulnerability in the /product endpoint caused by improper handling of the product_name argument. The problem is actionable remotely, and public disclosure of the exploit is noted. Connected sou...
CVE-2025-3560 ghostxbh uzy-ssm-mall product cross site scripting
A vulnerability was found in ghostxbh uzy-ssm-mall 1.0.0 and classified as problematic. This issue affects some unknown processing of the file /product. The manipulation of the argument product_name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed...