ECHO-2289-ED41-D73F

Bulletin has no description...

CVE-2019-2289

Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...

Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2025-2289)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2006-2289

Malware in sbrugna...

EUVD-2021-2289

Malware in sbrugna...

EUVD-2020-2289

Malware in sbrugna...

RHSA-2024:2289

creationtimestamp| type| source ---|---|--- 2025-09-02 16:24:48+00:00| seen| Telegram/A3KQQeqOaMv6WzbgX7aaVKzREyQzcmIHka6Ks55GpgRBY...

CVE-2025-2289

creationtimestamp| type| source ---|---|--- 2025-03-14 05:46:53+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7534 2025-03-14 08:20:42+00:00| seen| https://t.me/cvedetector/20263...

CVE-2025-2289 Zegen - Church WordPress Theme <= 1.1.9 - Missing Authorization to Authenticated (Subscriber+) Theme Options Updates

The Zegen - Church WordPress Theme theme for WordPress is vulnerable to unauthorized access due to a missing capability check on several AJAX endpoints in all versions up to, and including, 1.1.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to impor...

CVE-2025-2289 Zegen - Church WordPress Theme <= 1.1.9 - Missing Authorization to Authenticated (Subscriber+) Theme Options Updates

The Zegen - Church WordPress Theme theme for WordPress is vulnerable to unauthorized access due to a missing capability check on several AJAX endpoints in all versions up to, and including, 1.1.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to impor...

Linux Distros Unpatched Vulnerability : CVE-2022-2289

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use After Free in GitHub repository vim/vim prior to 9.0. CVE-2022-2289 Note that Nessus relies on the presence of the package as reported by the vendor...

Oracle Linux 9 : libtiff (ELSA-2024-2289)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2289 advisory. - Fix CVE-2023-6228 - Fix CVE-2023-40090 CVE-2023-3618 CVE-2023-40745 CVE-2023-41175 Tenable has extracted the preceding description block directly fro...

RHEL 9 : libtiff (RHSA-2024:2289)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2289 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: infinite...

RHEL 7 : qemu-kvm-rhev (RHSA-2018:2289)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2289 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the...

CVE-2024-2289

creationtimestamp| type| source ---|---|--- 2024-04-11 08:10:06+00:00| seen| https://t.me/arpsyndicate/4476...

CVE-2024-2289

PowerPack Lite for Beaver Builder (WordPress plugin) is vulnerable to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping on user-supplied attributes. The issue affects all versions up to 1.3.0 and can allow authenticated attackers with contributor-level and abo...

CVE-2024-2289 PowerPack Lite for Beaver Builder <= 1.3.0 - Authenticated(Contributor+) Stored Cross-Site Scripting via element link

The PowerPack Lite for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the link in multiple elements in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress PowerPack Lite for Beaver Builder Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software PowerPack Lite for Beaver Builder Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.0.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2289 Patch priority Low CVSS severity Low 6.5 Developer IdeaBox Creations PSID 9d2284f4a282 Credits...

CVE-2019-2289

creationtimestamp| type| source ---|---|--- 2024-01-08 18:16:52+00:00| seen| https://t.me/ctinow/164535...

Amazon Linux 2 : ImageMagick (ALAS-2023-2289)

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2289 advisory. A vulnerability was found in ImageMagick where heap use-after-free was found in coders/bmp.c. CVE-2023-5341 Tenable has...