72 matches found
Amazon Linux 2023 : python3-pip, python3-pip-wheel (ALAS2023-2026-1589)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1589 advisory. When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation...
Huawei EulerOS: Security Advisory for python-ldap (EulerOS-SA-2026-1589)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
CVE-2026-1589
creationtimestamp | type | source
---|---|---
2026-01-29 17:59:35+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mdlejdbdoy2m...
CVE-2026-1589 itsourcecode School Management System index.php sql injection
A vulnerability was determined in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/inquiry/index.php. This manipulation of the argument txtsearch causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed an...
EUVD-2005-1267
Malware in sbrugna...
CVE-2009-1589
Unspecified vulnerability in CGI RESCUE MiniBBS22 before 1.01 allows remote attackers to send email to arbitrary recipients via unknown vectors...
CVE-2025-1589
A vulnerability was found in SourceCodester E-Learning System 1.0 and classified as problematic. This issue affects some unknown processing of the file /register.php of the component User Registration Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely...
CVE-2025-1589
CVE-2025-1589 affects SourceCodester E-Learning System 1.0, specifically the User Registration Handler’s /register.php. Multiple connected sources describe a cross-site scripting vulnerability that can be triggered remotely through the registration path. The exact affected code path is the handli...
CVE-2025-1589 SourceCodester E-Learning System User Registration register.php cross site scripting
A vulnerability was found in SourceCodester E-Learning System 1.0 and classified as problematic. This issue affects some unknown processing of the file /register.php of the component User Registration Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely...
CVE-2024-1589 SendPress Newsletters <= 1.23.11.6 - Admin+ Stored XSS via Form Settings
The SendPress Newsletters WordPress plugin through 1.23.11.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in multisite setup...
CVE-2024-1589
The CVE-2024-1589 issue affects the WordPress SendPress Newsletters plugin up to version 1.23.11.6. The root cause is that certain settings are not properly sanitised/escaped, enabling Stored Cross-Site Scripting (stored XSS) by high-privilege users (e.g., admins), even when unfiltered_html is di...
CVE-2023-1589
creationtimestamp | type | source
---|---|---
2023-03-23 11:36:31+00:00 | seen | https://t.me/cibsecurity/60543...
CVE-2023-1589 SourceCodester Online Tours & Travels Management System approve_delete.php exec sql injection
A vulnerability has been found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical. This vulnerability affects the function exec of the file admin/operations/approve_delete.php. The manipulation of the argument id leads to sql injection. The attack can be...
CVE-2023-1589
CVE-2023-1589 affects SourceCodester Online Tours & Travels Management System v1.0. The vulnerability lies in the exec function used by admin/operations/approve_delete.php, where manipulating the id parameter enables SQL injection. Exploitation is possible remotely and has been publicly disclosed...
Debian: Security Advisory (DSA-1589-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
SUSE CVE-2014-1589
Mozilla Firefox before 34.0 and SeaMonkey before 2.31 provide stylesheets with an incorrect primary namespace, which allows remote attackers to bypass intended access restrictions via an XBL binding...
Ubuntu: Security Advisory (USN-2424-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Amazon Linux AMI : git (ALAS-2022-1589)
The version of git installed on the remote host is prior to 2.36.1-1.75. It is, therefore, affected by a vulnerability as referenced in the ALAS-2022-1589 advisory. A vulnerability was found in Git. This flaw occurs due to Git not checking the ownership of directories in a local multi-user system...
CVE-2022-1589
creationtimestamp | type | source
---|---|---
2022-05-30 12:17:57+00:00 | seen | https://t.me/cibsecurity/43538...