CVE-2026-3562

Philips Hue Bridge hkhap Ed25519 Signature Verification Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The specific...

MiracleLinux 8 : squid:4 (AXSA:2022-3562:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3562:01 advisory. squid: out-of-bounds read in WCCP protocol data may lead to information disclosure CVE-2021-28116 Tenable has extracted the preceding description block...

CVE-2019-3562

A remote web page could inject arbitrary HTML code into the Oculus Browser UI, allowing an attacker to spoof UI and potentially execute code. This affects the Oculus Browser starting from version 5.2.7 until 5.7.11...

CVE-2025-3562

A vulnerability was found in Yonyou YonBIP MA2.7. It has been declared as problematic. Affected by this vulnerability is the function FileInputStream of the file /mobsm/common/userfile. The manipulation of the argument path leads to path traversal. The attack can be launched remotely. The exploit...

CVE-2025-3562

creationtimestamp| type| source ---|---|--- 2025-04-14 10:53:00+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11594 2025-04-14 12:33:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmrl34ha3w2z 2025-04-14 14:40:23+00:00| seen|...

CVE-2025-3562

Summary (CVE-2025-3562): A path traversal vulnerability exists in Yonyou YonBIP MA2.7, specifically in the FileInputStream function of the file /mobsm/common/userfile. The manipulation of the argument path enables traversal and remote exploitation. Connected sources confirm the affected software/...

CVE-2025-3562 Yonyou YonBIP userfile FileInputStream path traversal

A vulnerability was found in Yonyou YonBIP MA2.7. It has been declared as problematic. Affected by this vulnerability is the function FileInputStream of the file /mobsm/common/userfile. The manipulation of the argument path leads to path traversal. The attack can be launched remotely. The exploit...

CVE-2025-3562 Yonyou YonBIP userfile FileInputStream path traversal

A vulnerability was found in Yonyou YonBIP MA2.7. It has been declared as problematic. Affected by this vulnerability is the function FileInputStream of the file /mobsm/common/userfile. The manipulation of the argument path leads to path traversal. The attack can be launched remotely. The exploit...

RHEL 8 : python-jinja2 (RHSA-2025:3562)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:3562 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2023:3562-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3562-1 advisory. - A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion a...

Wireshark 4.0.x < 4.0.8 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 4.0.8. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.0.8 advisory. - Multiple integer signedness errors in the tvbunmasked function in epan/dissectors/packet-websocket.c in the...

CVE-2023-3562

creationtimestamp| type| source ---|---|--- 2023-07-10 20:29:57+00:00| seen| https://t.me/cibsecurity/66273 2024-01-04 02:23:00+00:00| seen| https://t.me/arpsyndicate/2408...

CVE-2023-3562

GZ Scripts PHP CRM Platform 1.8 is affected by CVE-2023-3562. The vulnerability arises from improper handling of the action parameter in /index.php, enabling cross-site scripting. Reports consistently cite remote feasibility via a network vector, with the root cause described as manipulation of a...

CVE-2023-3562 GZ Scripts PHP CRM Platform index.php cross site scripting

A vulnerability has been found in GZ Scripts PHP CRM Platform 1.8 and classified as problematic. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument action leads to cross site scripting. The attack can be initiated remotely. The identifier of this...

RHEL 9 : firefox (RHSA-2023:3562)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3562 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

CVE-2022-3562

creationtimestamp| type| source ---|---|--- 2022-11-20 07:30:54+00:00| seen| https://t.me/cibsecurity/53208 2025-04-28 18:10:52+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13714...

CVE-2022-3562

CVE-2022-3562 is a stored XSS in LibreNMS (librenms/librenms) prior to 22.10.0. Veracode notes the issue due to lack of sanitization in bill_name in print_port_list (bill.inc.php), allowing malicious JavaScript. Multiple sources confirm XSS exists before 22.10.0; remediation is to upgrade to 22.1...

CVE-2022-3562 Cross-site Scripting (XSS) - Stored in librenms/librenms

Cross-site Scripting XSS - Stored in GitHub repository librenms/librenms prior to 22.10.0...

CVE-2022-3562 Cross-site Scripting (XSS) - Stored in librenms/librenms

Cross-site Scripting XSS - Stored in GitHub repository librenms/librenms prior to 22.10.0...

CVE-2022-3562 Cross-site Scripting (XSS) - Stored in librenms/librenms

Cross-site Scripting XSS - Stored in GitHub repository librenms/librenms prior to 22.10.0...