MINI-2G65-WHFP-7389

Bulletin has no description...

CVE-2026-7389

creationtimestamp| type| source ---|---|--- 2026-04-29 18:46:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mknr4o3cid2q...

CVE-2026-7389 EyouCMS common.php GetSortData sql injection

A security vulnerability has been detected in EyouCMS up to 1.7.9. The affected element is the function GetSortData of the file application/common.php. The manipulation of the argument sortasc leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed publicly an...

MINI-7389-55G4-CQ7X

Bulletin has no description...

CVE-2025-7389

A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its authenticated users OS-level access to the server through the adopted authority of the AdminServer process itself. The delegated authority of the AdminServer could allow its users the ability to read...

CVE-2025-7389

CVE-2025-7389 describes a vulnerability in the OpenEdge AdminServer component where authenticated users could gain OS-level access and read arbitrary host files via misused methods exposed through the RMI interface, specifically the prototypes like setFile() and openFile() . The issue hinges on t...

RockyLinux 9 : buildah (RLSA-2025:7389)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:7389 advisory. go-jose: Go JOSE's Parsing Vulnerable to Denial of Service CVE-2025-27144 Tenable has extracted the preceding description block directly from the RockyLinux...

Oracle Linux 9 : buildah (ELSA-2025-7389)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7389 advisory. 1.39.4-1.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.39.4-1 - update to...

AlmaLinux 9 : buildah (ALSA-2025:7389)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7389 advisory. go-jose: Go JOSE's Parsing Vulnerable to Denial of Service CVE-2025-27144 Tenable has extracted the preceding description block directly from the AlmaLinux securit...

CVE-2024-7389

creationtimestamp| type| source ---|---|--- 2024-08-02 08:09:58+00:00| seen| https://t.me/cvedetector/2327...

CVE-2024-7389

The Forminator plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.29.1 via class-forminator-addon-hubspot-wp-api.php. This makes it possible for unauthenticated attackers to extract the HubSpot integration developer API key and make...

CVE-2024-7389 Forminator <= 1.29.1 - HubSpot Developer API Key Sensitive Information Exposure

The Forminator plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.29.1 via class-forminator-addon-hubspot-wp-api.php. This makes it possible for unauthenticated attackers to extract the HubSpot integration developer API key and make...

CVE-2020-7389

Sage X3 CVE-2020-7389 is a Command Injection vulnerability in the CHAINE Variable Script path. An authenticated user with developer access can pass OS commands through this variable used by the web application; this developer configuration should not be deployed in production. The connected sourc...

CVE-2019-7389

An issue was discovered in /bin/goahead on D-Link DIR-823G devices with the firmware 1.02B03. There is incorrect access control allowing remote attackers to reset the router without authentication via the SetFactoryDefault HNAP API. Consequently, an attacker can achieve a denial-of-service attack...

CVE-2019-7389

Summary: CVE-2019-7389 affects D-Link DIR-823G devices (firmware 1.02B03) due to an incorrect access control in /bin/goahead that allows unauthenticated remote reset via the SetFactoryDefault HNAP API, enabling a denial-of-service condition. Affected component: /bin/goahead on the DIR-823G. Root ...

CVE-2013-7389

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/dlinkhedwigcgibof.rb 2018-05-29 15:50:33+00:00| seen|...

NVIDIA Linux GPU Display Driver contains missing permissions check and improper validation vulnerabilities - us

Lenovo Security Advisory: LEN-10962 Potential Impact: Privilege escalation Severity: Medium Scope of Impact: Industry-Wide CVE Identifier: CVE-2016-7382, CVE-2016-7389 Summary Description: The NVIDIA GPU Display Driver for Linux contains two privilege escalation vulnerabilities. CVE-2016-7382...

CVE-2017-7389

CVE-2017-7389 affects Open eClass Release_3.5.4. The vulnerability is a Cross-Site Scripting (XSS) due to insufficient filtering of user-supplied data (meeting_id, user) passed to the openeclass-master/modules/tc/webconf/webconf.php URL. An attacker could cause the browser to execute arbitrary HT...

CVE-2016-7389

The CVE-2016-7389 issue affects NVIDIA GPU Display Driver for Linux on NVIDIA Quadro, NVS, GeForce, and Tesla products. It involves the kernel-mode layer (nvidia.ko) mmap() handler with improper input validation, enabling privilege escalation by gaining access to arbitrary physical memory. Affect...

Ubuntu: Security Advisory (USN-3122-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...