94 matches found
MINI-2689-88FM-WX27
Bulletin has no description...
angr (>=9.2.187 <=9.2.214), angr-management (>=9.2.187 <=9.2.214) +25 more potentially affected by unknown CVE via uefi-firmware (=1.11.0)
uefi-firmware PYPI version =1.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on uefi-firmware and may be impacted: - angr =9.2.187, =9.2.187, =1.0.0rc2, =1.0.7, =1.0.4, =9.2.7, =0.0.1, =9.2.187, =1.0.3, =0.1.0, =2.3.2, =0.1.0, =0.1.5 and more Source...
CVE-2026-2689
creationtimestamp | type | source
---|---|---
2026-02-20 04:20:11+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mfbayertpa2u...
CVE-2023-2689
A vulnerability classified as critical was found in SourceCodester Billing Management System 1.0. This vulnerability affects unknown code of the file editproduct.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated...
CVE-2022-2689
A vulnerability classified as problematic has been found in SourceCodester Wedding Hall Booking System. Affected is an unknown function of the file /whbs/?page=contactus of the component Contact Page. The manipulation of the argument Message leads to cross site scripting. It is possible to launch...
CVE-2020-2689
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle V...
CVE-2005-2689
Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.760-RC4b allow remote attackers to inject arbitrary web script or HTML via (1) the moderate parameter to the Comments module or (2) htmltext parameter to html/user.php...
CVE-2025-2689 yiisoft Yii2 SortableIterator.php getIterator deserialization
A vulnerability, which was classified as critical, has been found in yiisoft Yii2 up to 2.0.45. Affected by this issue is the function getIterator of the file symfony\finder\Iterator\SortableIterator.php. The manipulation leads to deserialization. The attack may be launched remotely. The exploit...
Linux Distros Unpatched Vulnerability : CVE-2011-2689
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the size of a chunk allocation is a multiple of the block...
Amazon Linux 2 : zziplib (ALAS-2024-2689)
The version of zziplib installed on the remote host is prior to 0.13.62-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2689 advisory. An issue was discovered in function zzip_disk_entry_to_file_header in mmapped.c in zziplib 0.13.69, which will lead to a...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2689)
The remote host is missing an update for the Huawei EulerOS...
CGA-8HQ8-2689-RC8H
Bulletin has no description...
CVE-2024-2689 Denial of Service if invalid UTF-8 sent
Denial of Service in Temporal Server prior to version 1.20.5, 1.21.6, and 1.22.7 allows an authenticated user who has permissions to interact with workflows and has crafted an invalid UTF-8 string for submission to potentially cause a crashloop. If left unchecked, the task containing the invalid...
Oracle Linux 5 : kernel (ELSA-2011-1065)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-1065 advisory. - xen hvm: secure vmx cpuid Andrew Jones 706325 CVE-2011-1936 - xen hvm: secure svmcraccess Andrew Jones 703716 CVE-2011-1780 - xen hvm: svm support...
CVE-2023-2689
creationtimestamp | type | source
---|---|---
2023-05-14 12:28:39+00:00 | seen | https://t.me/cibsecurity/64074...
CVE-2023-2689
The CVE-2023-2689 issue affects SourceCodester Billing Management System 1.0, specifically the file editproduct.php in the GET Parameter Handler. The vulnerability arises from unvalidated input in the id parameter, enabling SQL injection. Evidence across multiple sources confirms remote exploitab...
K04246541: MySQL vulnerabilities CVE-2019-2689, CVE-2019-2691, CVE-2019-2693, CVE-2019-2694, and CVE-2019-2695
Security Advisory Description CVE-2019-2689 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...
SUSE CVE-2009-2689
JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application...