31 matches found
RHEL 8 : python3 (RHSA-2026:9289)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:9289 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...
MINI-P7CC-9289-JXCQ
Bulletin has no description...
MINI-H28R-9289-FQ6J
Bulletin has no description...
CVE-2019-9289
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-79883824...
Linux Distros Unpatched Vulnerability : CVE-2015-9289
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEq...
Synology Surveillance Station security vulnerability
Synology Surveillance Station is an application from Synology Inc. of China. It provides intelligent monitoring and video management tools to protect your valuable assets. A security vulnerability exists in Synology Surveillance Station versions prior to 9.2.0-11289 and 9.2.0-9289. An attacker ca...
Fortinet Fortigate Hardcoded symmetric key in fips.c (FG-IR-19-007)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the FG-IR-19-007 advisory. - Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an...
CVE-2024-9289
creationtimestamp | type | source
---|---|---
2024-10-01 11:54:16+00:00 | seen | https://t.me/cvedetector/6725...
CVE-2024-9289 WordPress & WooCommerce Affiliate Program <= 8.4.1 - Authentication Bypass to Account Takeover and Privilege Escalation
The WordPress & WooCommerce Affiliate Program plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 8.4.1. This is due to the rtwwwaploginrequestcallback function not properly validating a user's identity prior to authenticating them to the site. This...
CVE-2024-9289
The CVE-2024-9289 affects WordPress & WooCommerce Affiliate Program (WordPress) plugin versions
WordPress Affiliate Pro - Affiliate Program for WooCommerce & WordPress Plugin <= 8.4.1 is vulnerable to Privilege Escalation
Software: Affiliate Pro - Affiliate Program for WooCommerce & WordPress; Type: Plugin; Vulnerable versions: = 8.4.1; Fixed in: 8.5.0; OWASP Top 10: A4: Insecure Design; Classification: Privilege Escalation; CVE: CVE-2024-9289; Patch priority: High; CVSS severity: High 9.8; PSID: a5bcf0c87e...
CVE-2024-29228
Missing authorization vulnerability in GetStmUrlPath webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain sensitive information via unspecified vectors...
PT-2024-9409 · Synology · Synology Surveillance Station
Name of the Vulnerable Software and Affected Versions: Synology Surveillance Station versions prior to 9.2.0-11289 and 9.2.0-9289. Description: The issue is related to an incorrect authorization vulnerability in the ActionRule webapi component. This vulnerability allows remote authenticated users ...
PT-2024-22824 · Synology · Synology Surveillance Station
Name of the Vulnerable Software and Affected Versions: Synology Surveillance Station versions prior to 9.2.0-9289; Synology Surveillance Station versions prior to 9.2.0-11289. Description: A missing authorization issue in the GetLiveViewPath webapi component allows remote authenticated users to...
PT-2024-22837 · Synology · Synology Surveillance Station
Name of the Vulnerable Software and Affected Versions: Synology Surveillance Station versions prior to 9.2.0-11289; Synology Surveillance Station versions prior to 9.2.0-9289. Description: A missing authorization vulnerability in the LayoutSave webapi component allows remote authenticated users to...
CVE-2020-9289
creationtimestamp | type | source
---|---|---
2023-06-30 15:51:30+00:00 | published-proof-of-concept | https://t.me/crackcodes/3780
2023-07-01 09:06:39+00:00 | published-proof-of-concept | Telegram/rQMVu4dwJRh1-j8AkvL2ouV19FMmA1TDUkwtOokmEHAkfA
2023-07-06 11:08:24+00:00 | published-proof-of-concept | ...
Exploit for Use of Hard-coded Credentials in Fortinet Fortianalyzer
Decrypt FortiManager configuration secrets CVE-2020-9289 CV...
SUSE: Security Advisory (SUSE-SU-2019:14157-1)
The remote host is missing an update for the...
CVE-2020-9289
Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in FortiManager 6.2.3 and below, FortiAnalyzer 6.2.3 and below may allow an attacker with access to the CLI configuration or the CLI backup file to decrypt the sensitive data, via knowledge of the hard-coded key...
CVE-2020-9289
CVE-2020-9289 describes the use of a hard-coded cryptographic key to encrypt password data in FortiManager 6.2.3 and earlier and FortiAnalyzer 6.2.3 and earlier CLI configuration/backups. An attacker with access to the CLI configuration or CLI backup could decrypt sensitive data due to the hard-c...