141 matches found

Circl
added 2026/04/25 8:33 p.m., 2 views

CVE-2026-4140

creationtimestamp | type | source
---|---|---
2026-04-25 20:33:05+00:00 | seen | https://bsky.app/profile/atomicedge.bsky.social/post/3mkdv6y3nxl2g...

CVSS: 4.3, AI score: 4.8, EPSS: 0.00006
Exploits: 0, References: 1
Tenable Nessus
added 2026/01/20 12:0 a.m., 1 views

MiracleLinux 7 : firefox-91.5.0-1.0.1.el7.AXS7 (AXSA:2022-2967:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-2967:01 advisory. Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140); Mozilla: Race condition when playing audio files (CVE-2022-22737); Mozilla: Heap-buffer-overflow...

CVSS: 10, AI score: 7.3, EPSS: 0.00609
Exploits: 6, References: 13
OpenVAS
added 2025/11/20 12:0 a.m., 7 views

openSUSE Security Advisory (SUSE-SU-2025:4140-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9.8, AI score: 6.9, EPSS: 0.00067
Exploits: 2, References: 217
Tenable Nessus
added 2025/08/06 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-4140

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR 91.5, Firefox 96, and...

CVSS: 10, AI score: 8.2, EPSS: 0.00065
Exploits: 1, References: 2
Cvelist
added 2025/04/30 9:31 p.m., 22 views

CVE-2025-4140 Netgear EX6120 sub_30394 buffer overflow

A vulnerability, which was classified as critical, has been found in Netgear EX6120 1.0.3.94. Affected by this issue is the function sub_30394. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure...

CVSS: 9, EPSS: 0.01278
Exploits: 1, References: 5
Vulnrichment
added 2025/04/30 9:31 p.m., 7 views

CVE-2025-4140 Netgear EX6120 sub_30394 buffer overflow

A vulnerability, which was classified as critical, has been found in Netgear EX6120 1.0.3.94. Affected by this issue is the function sub_30394. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure...

CVSS: 9, AI score: 7, EPSS: 0.01278
Exploits: 1, References: 5
Circl
added 2025/04/30 2:58 p.m., 10 views

CVE-2025-4140

creationtimestamp | type | source
---|---|---
2025-04-30 14:58:35+00:00 | seen | https://infosec.exchange/users/vuldb/statuses/114427501843653521
2025-04-30 22:14:14+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/14180
2025-04-30 23:48:33+00:00 | seen | ...

CVSS: 9.8, AI score: 8.1, EPSS: 0.01278
Exploits: 1, References: 5
OpenVAS
added 2024/12/03 12:0 a.m., 21 views

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:4140-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 7.8, AI score: 8.2, EPSS: 0.00495
Exploits: 2, References: 2
OpenVAS
added 2024/05/30 12:0 a.m., 11 views

Mageia: Security Advisory (MGASA-2024-0198)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 7.5, AI score: 7.1, EPSS: 0.00284
Exploits: 0, References: 4
OSV
added 2024/05/29 6:8 p.m., 5 views

MGASA-2024-0198 Updated perl-Email-MIME packages fix security vulnerabilities

An excessive memory use issue (CWE-770) exists in Email-MIME, before version 1.954, which can cause denial of service when parsing multipart MIME messages. The patch set from 2020 and 2024 limits excessive depth and the total number of parts. CVE-2024-4140...

CVSS: 7.5, AI score: 6.6, EPSS: 0.00284
Exploits: 0, References: 3
Mageia
added 2024/05/29 6:8 p.m., 35 views

Updated perl-Email-MIME packages fix security vulnerabilities

An excessive memory use issue (CWE-770) exists in Email-MIME, before version 1.954, which can cause denial of service when parsing multipart MIME messages. The patch set from 2020 and 2024 limits excessive depth and the total number of parts. CVE-2024-4140...

CVSS: 7.5, AI score: 7.3, EPSS: 0.00284
Exploits: 0, References: 2
OpenVAS
added 2024/05/27 12:0 a.m., 10 views

Fedora: Security Advisory (FEDORA-2024-38fb541a75)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 7.5, AI score: 7.6, EPSS: 0.00284
Exploits: 0, References: 3
Tenable Nessus
added 2024/05/25 12:0 a.m., 14 views

Fedora 40 : perl-Email-MIME (2024-032e16360b)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-032e16360b advisory. This update, to the latest upstream release, addresses an excessive memory use issue (CVE-2024-4140), which can cause denial of service when parsing multi-part...

CVSS: 7.5, AI score: 7.2, EPSS: 0.00284
Exploits: 0, References: 2
Tenable Nessus
added 2024/05/25 12:0 a.m., 13 views

Fedora 39 : perl-Email-MIME (2024-38fb541a75)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-38fb541a75 advisory. This update, to the latest upstream release, addresses an excessive memory use issue (CVE-2024-4140), which can cause denial of service when parsing multi-part...

CVSS: 7.5, AI score: 7.2, EPSS: 0.00284
Exploits: 0, References: 2
OSV
added 2024/05/02 8:15 p.m., 13 views

CVE-2024-4140

An excessive memory use issue (CWE-770) exists in Email-MIME, before version 1.954, which can cause denial of service when parsing multipart MIME messages. The patch set from 2020 and 2024 limits excessive depth and the total number of parts...

CVSS: 7.5, AI score: 6.8, EPSS: 0.00284
Exploits: 0, References: 12
Cvelist
added 2024/05/02 7:59 p.m., 15 views

CVE-2024-4140

An excessive memory use issue (CWE-770) exists in Email-MIME, before version 1.954, which can cause denial of service when parsing multipart MIME messages. The patch set from 2020 and 2024 limits excessive depth and the total number of parts...

CVSS: 7.5, AI score: 7.6, EPSS: 0.00284
Exploits: 0, References: 12
Circl
added 2023/08/04 7:45 a.m., 3 views

CVE-2023-4140

creationtimestamp | type | source
---|---|---
2023-08-04 07:45:45+00:00 | seen | https://t.me/cibsecurity/67745...

CVSS: 8.8, AI score: 8.6, EPSS: 0.0012
Exploits: 0, References: 1
Vulnrichment
added 2023/08/04 2:4 a.m., 9 views

CVE-2023-4140 WP Ultimate CSV Importer <= 7.9.8 - Arbitrary Usermeta Update to Authenticated (Author+) Privilege Escalation

The WP Ultimate CSV Importer plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 7.9.8 due to insufficient restriction on the 'get_header_values' function. This makes it possible for authenticated attackers, with minimal permissions such as an author, if the...

CVSS: 6.6, AI score: 7.2, EPSS: 0.0012
Exploits: 0, References: 3
CVE
added 2023/08/04 2:4 a.m., 38 views

CVE-2023-4140

The CVE-2023-4140 entry pertains to the WP Ultimate CSV Importer WordPress plugin. A privilege-escalation flaw exists in versions up to and including 7.9.8 due to insufficient restriction on the get_header_values function. Authenticated users with minimal permissions (e.g., authors), if an admini...

CVSS: 8.8, AI score: 8.6, EPSS: 0.0012
Exploits: 0, References: 3, Affected Software: 1
Patchstack
added 2023/08/03 12:0 a.m., 12 views

WordPress WP Ultimate CSV Importer Plugin <= 7.9.8 is vulnerable to Privilege Escalation

Software: WP Ultimate CSV Importer
Type: Plugin
Vulnerable versions: <= 7.9.8
Fixed in: 7.9.9
OWASP Top 10: A1: Broken Access Control
Classification: Privilege Escalation
CVE: CVE-2023-4140
Patch priority: Medium
CVSS severity: Medium 6.6
PSID: 2cf9cad320b2
Credits: István Márton...

CVSS: 8.8, AI score: 6.5, EPSS: 0.0012
Exploits: 0, References: 3, Affected Software: 1