69 matches found

Github Security Blog
added 2026/03/11 12:14 a.m. | 3 views

pypdf: manipulated stream length values can exhaust RAM

Impact: An attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing a content stream with a rather large /Length value, regardless of the actual data length inside the stream. Patches: This has been fixed in pypdf==6.8.0. Workarounds: If you canno...

CVSS 6.8 | AI score 5.9 | EPSS 0.00005
Exploits 0 | References 6 | Affected Software 1

Circl
added 2026/03/07 9:15 p.m. | 0 views

CVE-2026-3675

creationtimestamp | type | source
---|---|---
2026-03-07 21:15:50+00:00 | seen | https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-3675...

CVSS 5.3 | AI score 5.7 | EPSS 0.00017
Exploits 0 | References 1

Tenable Nessus
added 2025/09/10 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2012-3675

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application...

CVSS 6.8 | AI score 6.2 | EPSS 0.01555
Exploits 0 | References 2

RedhatCVE
added 2025/05/22 1:51 a.m. | 2 views

CVE-2013-3675

The process_frame_obj function in sanm.c in libavcodec in FFmpeg before 1.2.1 does not validate width and height values, which allows remote attackers to cause a denial of service (integer overflow, out-of-bounds array access, and application crash) via crafted LucasArts Smush video data...

CVSS 4.3 | AI score 6.8 | EPSS 0.005
Exploits 0 | References 1

Circl
added 2025/04/16 7:55 a.m. | 3 views

CVE-2025-3675

creationtimestamp | type | source
---|---|---
2025-04-16 07:55:33+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/11994
2025-04-16 10:43:45+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lmwfuri5bj2b
2025-04-16 11:51:01+00:00 | seen | ...

CVSS 6.9 | AI score 5.4 | EPSS 0.00435
Exploits 1 | References 3

NVD
added 2025/04/16 7:15 a.m. | 22 views

CVE-2025-3675

A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. It has been rated as critical. Affected by this issue is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been...

CVSS 6.9 | EPSS 0.00435
Exploits 1 | References 5

Vulnrichment
added 2025/04/16 7:0 a.m. | 6 views

CVE-2025-3675 TOTOLINK A3700R cstecgi.cgi setL2tpServerCfg access control

A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. It has been rated as critical. Affected by this issue is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been...

CVSS 6.9 | AI score 7.1 | EPSS 0.00435
Exploits 1 | References 5

CVE
added 2025/04/16 7:0 a.m. | 59 views

CVE-2025-3675

The vulnerability CVE-2025-3675 affects TOTOLINK A3700R (firmware 9.1.2u.5822_B20200513). The issue resides in the setL2tpServerCfg function in /cgi-bin/cstecgi.cgi, where improper access controls can be exploited remotely. Multiple connected sources confirm the root cause and the potential for r...

CVSS 6.9 | AI score 5.3 | EPSS 0.00435
Exploits 1 | References 5 | Affected Software 1

OpenVAS
added 2024/10/17 12:0 a.m. | 16 views

openSUSE Security Advisory (SUSE-SU-2024:3675-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 | AI score 5.9 | EPSS 0.00122
Exploits 1 | References 4

OSV
added 2024/06/06 12:26 p.m. | 9 views

CGA-W6FG-GVMV-3675

Bulletin has no description...

CVSS 4.3 | AI score 5.7 | EPSS 0.00615
Exploits 0

NVD
added 2024/05/02 5:15 p.m. | 9 views

CVE-2024-3675

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Flip Carousel, Flip Box, Post Grid, and Taxonomy List widgets in all versions up to, and including, 1.3.971 due to insufficient input sanitization and output escaping on use...

CVSS 6.4 | AI score 5.7 | EPSS 0.00254
Exploits 0 | References 6

Patchstack
added 2024/04/23 12:0 a.m. | 7 views

WordPress Royal Elementor Addons Plugin <= 1.3.971 is vulnerable to Cross Site Scripting (XSS)

Software: Royal Elementor Addons; Type: Plugin; Vulnerable versions: <= 1.3.971; Fixed in: 1.3.972; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-3675; Patch priority: Low; CVSS severity: Low (6.5); Developer: WProyal; PSID: 455900c3fc8f; Credits: stealthcopter; Require...

CVSS 6.4 | AI score 5.8 | EPSS 0.00254
Exploits 0 | References 3 | Affected Software 1

NVD
added 2024/04/18 11:15 a.m. | 14 views

CVE-2023-3675

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Secomea GateManager Web GUI allows Reading Data from System Resources. This issue affects GateManager: from 11.0.623074018 before 11.0.623373051...

CVSS 6.5 | AI score 6.4 | EPSS 0.00268
Exploits 0 | References 1

Cvelist
added 2024/04/18 10:41 a.m. | 15 views

CVE-2023-3675 Insufficient input validation when downloading certain file types.

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Secomea GateManager Web GUI allows Reading Data from System Resources. This issue affects GateManager: from 11.0.623074018 before 11.0.623373051...

CVSS 6.5 | AI score 6.6 | EPSS 0.00268
Exploits 0 | References 1

CVE
added 2024/04/18 10:41 a.m. | 57 views

CVE-2023-3675

CVE-2023-3675 affects Secomea GateManager (Web GUI). The issue is a path traversal vulnerability in GateManager that allows reading data from system resources. Affected versions are 11.0.623074018 up to, but not including, 11.0.623373051. The Root Cause and Verified Impact are described as improp...

CVSS 6.5 | AI score 6.7 | EPSS 0.00268
Exploits 0 | References 1

NVD
added 2023/03/03 6:15 p.m. | 7 views

CVE-2018-3675

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none...

AI score 6.5
Exploits 0

SUSE CVE
added 2023/02/15 5:56 a.m. | 2 views

SUSE CVE-2010-3675

unknown...

AI score 7
Exploits 0 | References 3

SUSE CVE
added 2023/02/15 5:28 a.m. | 1 views

SUSE CVE-2014-3675

Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet...

CVSS 5 | AI score 6.8 | EPSS 0.03051
Exploits 0 | References 5

Lenovo
added 2023/01/06 8:18 p.m. | 11 views

Synaptics Fingerprint Driver Vulnerability - Lenovo Support US

No description provided...

CVSS 7.1 | AI score 7 | EPSS 0.00142
Exploits 0

Circl
added 2022/11/03 9:20 p.m. | 3 views

CVE-2022-3675

creationtimestamp | type | source
---|---|---
2022-11-03 21:20:57+00:00 | seen | https://t.me/cibsecurity/52527
2025-05-02 19:16:13+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/14567...

CVSS 5.5 | AI score 6 | EPSS 0.00049
Exploits 0 | References 2