Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Mageia: Security Advisory (MGASA-2026-0081)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AlmaLinux 10 : thunderbird (ALSA-2026:6342)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:6342 advisory. firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.3...

AlmaLinux 9 : firefox (ALSA-2026:5930)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:5930 advisory. firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34...

AlmaLinux 8 : firefox (ALSA-2026:5932)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:5932 advisory. firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34...

CVE-2026-4685 vulnerabilities

Vulnerabilities for packages: firefox...

CVE-2026-4685 vulnerabilities

Vulnerabilities for packages: firefox...

CVE-2026-4685

creationtimestamp| type| source ---|---|--- 2026-03-25 03:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities20260325 2026-03-25 03:00:13+00:00| seen| https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/ 2026-03-25 04:01:17+00:00| seen|...

firefox-esr-140.9.0-1.1 on GA media (moderate)

firefox-esr-140.9.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10413-1 Rating: moderate Cross-References: CVE-2025-59375 CVE-2026-4684 CVE-2026-4685 CVE-2026-4686 CVE-2026-4687 CVE-2026-4688 CVE-2026-4689 CVE-2026-4690 CVE-2026-4691 CVE-2026-4692 CVE-2026-4693 CVE-2026-4694 CVE-2026-4695...

Linux Distros Unpatched Vulnerability : CVE-2026-4685

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbi...

CVE-2026-4685

Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4685

Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

GHSA-4685-C5CP-VP95

creationtimestamp| type| source ---|---|--- 2026-02-20 02:40:39+00:00| seen| https://gist.github.com/alon710/dd9d81556c24a9d1978023563237aa81...

CVE-2025-20782

The CVE-2025-20782 issue affects MediaTek chipsets, involving an out-of-bounds write caused by a missing bounds check. The vulnerability could allow local escalation of privilege to System if an attacker already holds System privileges, with no user interaction required. A patch is identified as ...

CVE-2025-20782

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4685...

CVE-2025-4685

creationtimestamp| type| source ---|---|--- 2025-07-21 15:32:47+00:00| seen| Telegram/urcHitXkSXG4ukDkS1c4xZjuSYp0RG7NmuyqPp7vSbNeaI...

WordPress Gutentor plugin <= 3.4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by Webbernaut in WordPress Plugin Gutentor versions = 3.4.8...

CVE-2011-4685

Dragonfly in Opera before 11.60 allows remote attackers to cause a denial of service application crash via unspecified content on a web page, as demonstrated by forbes.com...

CVE-2024-4685

creationtimestamp| type| source ---|---|--- 2025-02-19 22:21:29+00:00| seen| Telegram/eQlTGbpc-K6IjLYXZlLwoSEyC-W3D8RZOHjXmRFJE2LAQPTw...

CVE-2024-4685 Campcodes Complete Web-Based School Management System exam_timetable.php cross site scripting

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /view/examtimetable.php. The manipulation of the argument exam leads to cross site scripting. The attack can be initiate...