AlmaLinux 10 : thunderbird (ALSA-2026:6342)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:6342 advisory. firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.3...

AlmaLinux 9 : firefox (ALSA-2026:5930)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:5930 advisory. firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34...

AlmaLinux 8 : firefox (ALSA-2026:5932)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:5932 advisory. firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34...

CVE-2026-4709 vulnerabilities

Vulnerabilities for packages: firefox...

CVE-2026-4709

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: GMP component...

CVE-2026-4709

creationtimestamp| type| source ---|---|--- 2026-03-25 04:01:24+00:00| seen| https://bsky.app/profile/slackers.it/post/3mhu7d4cn4y23...

firefox-esr-140.9.0-1.1 on GA media (moderate)

firefox-esr-140.9.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10413-1 Rating: moderate Cross-References: CVE-2025-59375 CVE-2026-4684 CVE-2026-4685 CVE-2026-4686 CVE-2026-4687 CVE-2026-4688 CVE-2026-4689 CVE-2026-4690 CVE-2026-4691 CVE-2026-4692 CVE-2026-4693 CVE-2026-4694 CVE-2026-4695...

CVE-2026-4709

Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4709

Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2023-4709

A vulnerability classified as problematic has been found in TOTVS RM 12.1. Affected is an unknown function of the file Login.aspx of the component Portal. The manipulation of the argument VIEWSTATE leads to cross site scripting. It is possible to launch the attack remotely. The complexity of an...

CVE-2012-4709

Invensys Wonderware InTouch HMI 2012 R2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service CPU and memory consumption via an XML document containing an external entity declaration in conjunction with an entity referenc...

CVE-2009-4709

SQL injection vulnerability in the datamints Newsticker datamintsnewsticker extension before 0.7.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2025-4709

creationtimestamp| type| source ---|---|--- 2025-05-15 19:03:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lpa7cwy7ck2w...

CVE-2025-4709

A vulnerability classified as critical was found in Campcodes Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/transactiondel.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The...

CVE-2024-4709 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘subject’ parameter in versions up to, and including, 5.1.16 due to insufficient input sanitization and output escaping. This makes i...

Rocky Linux 8 : librsvg2 (RLSA-2020:4709)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2020:4709 advisory. - In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The...

CVE-2018-4709

Rejected reason: This candidate is unused by its CNA...

CVE-2023-4709

creationtimestamp| type| source ---|---|--- 2023-09-01 22:14:00+00:00| seen| https://t.me/cibsecurity/69681 2025-05-27 06:48:30+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17609...

CVE-2023-4709

TOTVS RM 12.1 Portal.Login.aspx vulnerable to cross-site scripting via VIEWSTATE manipulation. Impact described as remote exploitation with high attack complexity and low/none exploitation risk in defaults, but configurable environments can still be affected. Affected component: Login.aspx in Por...

CVE-2022-4709

creationtimestamp| type| source ---|---|--- 2023-01-10 20:28:41+00:00| seen| https://t.me/cibsecurity/56245...