Oracle Linux 7 : firefox (ELSA-2026-8427)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-8427 advisory. - Update to 140.9.0 ESR Orabug: 39361657CVE-2026-4684CVE-2026-4685 CVE-2026-4686CVE-2026-4687CVE-2026-4688CVE-2026-4689CVE-2026-4690...

CVE-2026-4711 vulnerabilities

Vulnerabilities for packages: firefox...

CVE-2026-4711 vulnerabilities

Vulnerabilities for packages: firefox...

CVE-2026-4711

creationtimestamp| type| source ---|---|--- 2026-03-25 00:01:01+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhtrvceuox2s 2026-03-25 04:01:24+00:00| seen| https://bsky.app/profile/slackers.it/post/3mhu7d4cn4y23 2026-03-29 17:00:00+00:00| seen|...

firefox-esr-140.9.0-1.1 on GA media (moderate)

firefox-esr-140.9.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10413-1 Rating: moderate Cross-References: CVE-2025-59375 CVE-2026-4684 CVE-2026-4685 CVE-2026-4686 CVE-2026-4687 CVE-2026-4688 CVE-2026-4689 CVE-2026-4690 CVE-2026-4691 CVE-2026-4692 CVE-2026-4693 CVE-2026-4694 CVE-2026-4695...

EUVD-2009-4711

Malware in sbrugna...

CVE-2022-4711

The Royal Elementor Addons plugin for WordPress is vulnerable to insufficient access control in the 'wprsavemegamenusettings' AJAX action in versions up to, and including, 1.3.59. This allows any authenticated user, including those with subscriber-level permissions, to enable and modify Mega Menu...

CVE-2010-4711

Double free vulnerability in the IMAP server component in GroupWise Internet Agent GWIA in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command...

CVE-2009-4711

SQL injection vulnerability in the CoolURI cooluri extension before 1.0.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2008-6686...

CVE-2025-4711

A vulnerability, which was classified as critical, was found in Campcodes Sales and Inventory System 1.0. This affects an unknown part of the file /pages/stockinadd.php. The manipulation of the argument prodname leads to sql injection. It is possible to initiate the attack remotely. The exploit h...

CVE-2025-4711 Campcodes Sales and Inventory System stockin_add.php sql injection

A vulnerability, which was classified as critical, was found in Campcodes Sales and Inventory System 1.0. This affects an unknown part of the file /pages/stockinadd.php. The manipulation of the argument prodname leads to sql injection. It is possible to initiate the attack remotely. The exploit h...

CVE-2025-4711 Campcodes Sales and Inventory System stockin_add.php sql injection

A vulnerability, which was classified as critical, was found in Campcodes Sales and Inventory System 1.0. This affects an unknown part of the file /pages/stockinadd.php. The manipulation of the argument prodname leads to sql injection. It is possible to initiate the attack remotely. The exploit h...

CVE-2025-4711

CVE-2025-4711 affects Campcodes Sales and Inventory System 1.0. The vulnerability resides in the file /pages/stockin_add.php where manipulating the parameter prod_name leads to a SQL injection . It can be initiated remotely, and multiple sources describe the issue as critical . The connected docu...

WordPress Ajax Load More Plugin <= 7.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Ajax Load More Type Plugin Vulnerable versions = 7.1.1 Fixed in 7.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4711 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 049ac1eade10 Credits Webbernaut Required...

CVE-2024-4711

CVE-2024-4711 affects the WordPress plugin WordPress Infinite Scroll – Ajax Load More. The vulnerability is a Stored Cross-Site Scripting (XSS) in the ajax_load_more shortcode, due to insufficient input sanitization and output escaping, exploitable by authenticated users with contributor-level pe...

CVE-2018-4711

Rejected reason: This candidate is unused by its CNA...

CVE-2023-4711

creationtimestamp| type| source ---|---|--- 2023-09-02 00:14:08+00:00| seen| https://t.me/cibsecurity/69693...

CVE-2023-4711 D-Link DAR-8000-10 decodmail.php os command injection

A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. Th...

CVE-2019-4711

CVE-2019-4711 is detailed in IBM’s Security Bulletin for IBM Business Automation Workflow (BAW) 19.0.0.2 with fix JR61324. The issue is an unvalidated TLS certificate import during the registration process to the Resource Registry, allowing a man‑in‑the‑middle attacker to add a signer certificate...

CVE-2022-4711

creationtimestamp| type| source ---|---|--- 2023-01-10 20:28:35+00:00| seen| https://t.me/cibsecurity/56242...