104 matches found

Tenable Nessus
added 2026/05/04 12:0 a.m., 3 views

RHCOS 2 : Red Hat OpenShift Enterprise 2.2.9 (RHSA-2016:0489)

The remote Red Hat Enterprise Linux CoreOS 2 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0489 advisory.
- ObjectMessage: unsafe deserialization CVE-2015-5254
- jenkins: Project name disclosure via fingerprints SECURITY-153 CVE-2015-5317...

9.8 CVSS, 7.2 AI score, 0.86333 EPSS
Exploits: 16, References: 58
Circl
added 2026/03/10 12:0 a.m., 2 views

CVE-2026-0489

creationtimestamp | type | source
---|---|---
2026-03-10 00:00:00+00:00 | seen | https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0256/
2026-03-12 03:00:05+00:00 | seen | https://support.sap.com/en/my-support/knowledge-base/security-notes-news/march-2026.html...

6.1 CVSS, 5.7 AI score, 0.0005 EPSS
Exploits: 0, References: 2
OSV
added 2026/01/14 10:39 a.m., 2 views

RHSA-2026:0489 Red Hat Security Advisory: kernel security update

Bulletin has no description...

7.5 CVSS, 6.8 AI score, 0.00076 EPSS
Exploits: 0, References: 48
RedhatCVE
added 2026/01/09 11:15 a.m., 3 views

CVE-2021-0489

In memory management driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android SoC. Android ID:...

7.8 CVSS, 7.2 AI score, 0.00014 EPSS
Exploits: 0, References: 1
EUVD
added 2026/01/02 6:30 p.m., 2 views

EUVD-2026-0489

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

5.5 AI score
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 2:55 a.m., 1 views

CVE-2023-0489

The SlideOnline WordPress plugin through 1.2.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4 CVSS, 5.2 AI score, 0.00117 EPSS
Exploits: 2, References: 1
RedhatCVE
added 2025/05/22 3:9 p.m., 5 views

CVE-2020-0489

In Parsedata of easmdls.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-11. Android...

8.8 CVSS, 9.2 AI score, 0.00481 EPSS
Exploits: 0, References: 1
Circl
added 2025/01/15 9:36 p.m., 4 views

CVE-2025-0489

creationtimestamp | type | source
---|---|---
2025-01-15 21:36:08+00:00 | seen | https://infosec.exchange/users/cve/statuses/113834522556296724
2025-01-15 22:15:47+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lfss4iodt32j
2025-01-15 23:08:25+00:00 | seen |...

8.8 CVSS, 6.6 AI score, 0.00146 EPSS
Exploits: 1, References: 4
CVE
added 2025/01/15 9:31 p.m., 56 views

CVE-2025-0489

CVE-2025-0489 affects Fanli2012 native-php-cms 1.0. The vulnerability resides in /fladmin/friendlink_dodel.php where manipulation of the id parameter leads to SQL injection. The issue can be triggered remotely and public exploit information exists. Affected component: file handling friendlink_dod...

8.8 CVSS, 6.9 AI score, 0.00146 EPSS
Exploits: 1, References: 5, Affected Software: 1
Vulnrichment
added 2025/01/15 9:31 p.m., 10 views

CVE-2025-0489 Fanli2012 native-php-cms friendlink_dodel.php sql injection

A vulnerability classified as critical was found in Fanli2012 native-php-cms 1.0. This vulnerability affects unknown code of the file /fladmin/friendlink_dodel.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to t...

6.5 CVSS, 7.6 AI score, 0.00146 EPSS
Exploits: 1, References: 5
Circl
added 2024/01/31 6:16 p.m., 2 views

RHSA-2024:0489

creationtimestamp | type | source
---|---|---
2024-01-31 18:16:40+00:00 | seen | https://t.me/ctinow/176942...

4.8 AI score
Exploits: 0, References: 1
Circl
added 2024/01/13 3:26 p.m., 0 views

CVE-2024-0489

creationtimestamp | type | source
---|---|---
2024-01-13 15:26:31+00:00 | seen | https://t.me/ctinow/167857
2024-02-02 14:41:38+00:00 | seen | https://t.me/ctinow/178091...

9.8 CVSS, 6.8 AI score, 0.00052 EPSS
Exploits: 0, References: 2
Cvelist
added 2024/01/13 1:31 p.m., 14 views

CVE-2024-0489 code-projects Fighting Cock Information System edit_chicken.php sql injection

A vulnerability was found in code-projects Fighting Cock Information System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/action/edit_chicken.php. The manipulation of the argument ref leads to sql injection. The attack can be initiated remotely...

6.5 CVSS, 9.9 AI score, 0.00052 EPSS
Exploits: 0, References: 3
CVE
added 2024/01/13 1:31 p.m., 43 views

CVE-2024-0489

CVE-2024-0489 affects code-projects Fighting Cock Information System 1.0. Affected component: the /admin/action/edit_chicken.php file, where manipulation of the ref argument leads to SQL injection. Exploitation is remote and public (VDB-250594 referenced). Multiple sources corroborate SQL injecti...

9.8 CVSS, 9.7 AI score, 0.00052 EPSS
Exploits: 0, References: 3, Affected Software: 1
NVD
added 2023/06/19 11:15 a.m., 8 views

CVE-2023-0489

The SlideOnline WordPress plugin through 1.2.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4 CVSS, 5.3 AI score, 0.00117 EPSS
Exploits: 2, References: 1
CVE
added 2023/06/19 10:52 a.m., 48 views

CVE-2023-0489

CVE-2023-0489 affects the SlideOnline WordPress plugin (

5.4 CVSS, 5.5 AI score, 0.00117 EPSS
Exploits: 2, References: 1, Affected Software: 1
Vulnrichment
added 2023/06/19 10:52 a.m., 17 views

CVE-2023-0489 SlideOnline <= 1.2.1 - Contributor+ Stored XSS

The SlideOnline WordPress plugin through 1.2.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.8 AI score, 0.00117 EPSS
Exploits: 2, References: 1
Cvelist
added 2023/06/19 10:52 a.m., 17 views

CVE-2023-0489 SlideOnline <= 1.2.1 - Contributor+ Stored XSS

The SlideOnline WordPress plugin through 1.2.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.5 AI score, 0.00117 EPSS
Exploits: 2, References: 1
Patchstack
added 2023/05/29 12:0 a.m., 8 views

WordPress SlideOnline Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software: SlideOnline
Type: Plugin
Vulnerable versions: <= 1.2.1
Fixed in: N/A
OWASP Top 10: A7: Cross-Site Scripting (XSS)
Classification: Cross Site Scripting (XSS)
CVE: CVE-2023-0489
Patch priority: Medium
CVSS severity: Medium (6.5)
Developer: Claim ownership
PSID: 19f926b06d3e
Credits: Lana Codes
Required...

5.4 CVSS, 5.6 AI score, 0.00117 EPSS
Exploits: 2, References: 4, Affected Software: 1
OpenVAS
added 2023/03/08 12:0 a.m., 17 views

Debian: Security Advisory (DLA-53-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS, 6.7 AI score, 0.00688 EPSS
Exploits: 0, References: 2