101 matches found
CVE-2026-3589
The WooCommerce WordPress plugin from versions 5.4.0 to 10.5.2 does not properly handle batch requests, which could allow unauthenticated users to make a logged-in admin call non-store/WC REST endpoints, and create arbitrary admin users via a CSRF attack for example...
MiracleLinux 3 : kexec-tools-1.102pre-154.0.1.AXS3 (AXSA:2012-274:02)
The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2012-274:02 advisory. kexec-tools provides /sbin/kexec binary that facilitates a new kernel to boot using the kernel's kexec feature either on a normal or a panic reboot...
MiracleLinux 4 : kexec-tools-2.0.0-209.AXS4 (AXSA:2012-12:01)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2012-12:01 advisory. kexec-tools provides /sbin/kexec binary that facilitates a new kernel to boot using the kernel's kexec feature either on a normal or a panic reboot...
MINI-8V54-P2CX-3589
Bulletin has no description...
EUVD-2008-6096
Malware in sbrugna...
MINI-3589-6QHX-3QHH
Bulletin has no description...
CVE-2023-3589
A Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x could allow with some very specific conditions an attacker to send a specifically crafted query to the server...
CVE-2013-3589
Cross-site scripting (XSS) vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45 allows remote attackers to inject arbitrary web script or HTML via the ErrorMsg parameter...
CVE-2009-3589
incron 0.5.5 does not initialize supplementary groups when running a process from a user's incrontabs, which causes the process to be run with the incrond supplementary groups and allows local users to gain privileges via an incrontab table...
CVE-2025-3589
A vulnerability, which was classified as critical, was found in SourceCodester Music Class Enrollment System 1.0. Affected is an unknown function of the file /manage_class.php. The manipulation of the argument ID leads to SQL injection. It is possible to launch the attack remotely. The exploit has...
CVE-2025-3589 SourceCodester Music Class Enrollment System manage_class.php SQL injection
A vulnerability, which was classified as critical, was found in SourceCodester Music Class Enrollment System 1.0. Affected is an unknown function of the file /manage_class.php. The manipulation of the argument ID leads to SQL injection. It is possible to launch the attack remotely. The exploit has...
RHEL 9 : firefox (RHSA-2025:3589)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3589 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
Linux Distros Unpatched Vulnerability : CVE-2014-3589
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a...
Amazon Linux 2 : python-pillow (ALAS-2025-2768)
The version of python-pillow installed on the remote host is prior to 2.0.0-23.gitd1c6db8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2768 advisory. PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote...
Medium: python-pillow
Issue Overview: PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size. CVE-2014-3589. Affected Packages: python-pillow. Note: This advisory is applicable to Amazon Linux 2 (AL2)...
openSUSE: Security Advisory for terraform (SUSE-SU-2023:3589-1)
The remote host is missing an update for the...
Dell iDRAC6 Cross-site Scripting (CVE-2013-3589)
Cross-site scripting (XSS) vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45 allows remote attackers to inject arbitrary web script or HTML via the ErrorMsg parameter. This...
CVE-2023-3589
| creationtimestamp | type | source |
|---|---|---|
| 2023-10-09 12:15:55+00:00 | seen | https://t.me/cibsecurity/71810... |