80 matches found
CVE-2026-4690 vulnerabilities
Vulnerabilities for packages: firefox...
CVE-2026-4690 vulnerabilities
Vulnerabilities for packages: firefox...
CVE-2026-4690
creationtimestamp| type| source ---|---|--- 2026-03-25 03:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities20260325 2026-03-25 03:00:13+00:00| seen| https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/ 2026-03-25 04:01:18+00:00| seen|...
firefox-esr-140.9.0-1.1 on GA media (moderate)
firefox-esr-140.9.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10413-1 Rating: moderate Cross-References: CVE-2025-59375 CVE-2026-4684 CVE-2026-4685 CVE-2026-4686 CVE-2026-4687 CVE-2026-4688 CVE-2026-4689 CVE-2026-4690 CVE-2026-4691 CVE-2026-4692 CVE-2026-4693 CVE-2026-4694 CVE-2026-4695...
CVE-2026-4690
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
CVE-2026-4690
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
Linux Distros Unpatched Vulnerability : CVE-2025-4690
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A regular expression used by AngularJS' linky https://docs.angularjs.org/api/ngSanitize/filter/linky filter to detect URLs in input text is vulnerable to...
EUVD-2014-4795
Malware in sbrugna...
EUVD-2014-0399
Malware in sbrugna...
CVE-2025-4690
A regular expression used by AngularJS' linky https://docs.angularjs.org/api/ngSanitize/filter/linky filter to detect URLs in input text is vulnerable to super-linear runtime due to backtracking. With a large carefully-crafted input, this can cause a Regular expression Denial of Service ReDoS...
net.aequologica.neo:geppaequo-tags (>=0.5.3 <=0.6.0), net.aequologica.neo:geppaequo-web (>=0.5.3 <=0.6.0) +4 more potentially affected by CVE-2025-4690 via org.webjars.npm:angular-sanitize (>=1.5.0-beta.0 <=1.8.3)
org.webjars.npm:angular-sanitize MAVEN version =1.5.0-beta.0, =0.5.3, =0.5.3, =0.6.0 - org.webjars.npm:angular-auto-complete =1.7.4 - org.webjars.npm:angular-material-calendar =0.2.14 - org.webjars.npm:angular-schema-form =0.8.13 - org.webjars.npm:github-com-showdownjs-ng-showdown =1.1.0 Source...
com.github.grantlittle:bdd-reporting-server (>=0.1.5 <=0.1.7), com.github.grantlittle:bdd-reporting-service (=0.1.9) +59 more potentially affected by CVE-2025-4690 via org.webjars.bower:angular-sanitize (>=1.2.29 <=1.8.2)
org.webjars.bower:angular-sanitize MAVEN version =1.2.29, =0.1.5, =0.5.0, =0.5.0, =0.5.1, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.1 and more Source cves: CVE-2025-4690 Source advisory: SNYK:JAVA-ORGWEBJARSBOWER-12177873...
CVE-2025-4690
creationtimestamp| type| source ---|---|--- 2025-08-19 13:33:36+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115055684227363955...
CVE-2024-4690
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below...
CVE-2011-4690
Opera 11.60 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code...
CVE-2005-4690
Six Apart Movable Type 3.16 allows local users with blog-creation privileges to create or overwrite arbitrary files of certain types such as HTML and image files by selecting an arbitrary directory as a blog's top-level directory. NOTE: this issue can be used in conjunction with CVE-2005-3102 to...
CVE-2024-4690
creationtimestamp| type| source ---|---|--- 2024-10-16 19:44:14+00:00| seen| https://t.me/cvedetector/8101...
CVE-2024-4690 Insecure usage for DocumentBuilderFactory and TransformerFactory in OpenText Application Automation Tools
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below...
CVE-2024-4690
CVE-2024-4690 affects the OpenText Application Automation Tools Plugin for Jenkins (versions 24.1.0 and earlier). The root cause is improper configuration of XML parsers, enabling XML external entity (XXE) attacks and DTD Injection when processing input files for build steps. Reported impact incl...
CVE-2024-4690 Insecure usage for DocumentBuilderFactory and TransformerFactory in OpenText Application Automation Tools
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below...