Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

AlmaLinux 10 : thunderbird (ALSA-2026:6342)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:6342 advisory. firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.3...

AlmaLinux 9 : firefox (ALSA-2026:5930)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:5930 advisory. firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34...

AlmaLinux 8 : firefox (ALSA-2026:5932)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:5932 advisory. firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34...

CVE-2026-4715 vulnerabilities

Vulnerabilities for packages: firefox...

CVE-2026-4715 vulnerabilities

Vulnerabilities for packages: firefox...

CVE-2026-4715

creationtimestamp| type| source ---|---|--- 2026-03-25 01:00:35+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhtv7tbtgd27 2026-03-25 04:01:25+00:00| seen| https://bsky.app/profile/slackers.it/post/3mhu7d5fxxt2w 2026-03-29 17:00:00+00:00| seen|...

Linux Distros Unpatched Vulnerability : CVE-2026-4715

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uninitialized memory in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

firefox-esr-140.9.0-1.1 on GA media (moderate)

firefox-esr-140.9.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10413-1 Rating: moderate Cross-References: CVE-2025-59375 CVE-2026-4684 CVE-2026-4685 CVE-2026-4686 CVE-2026-4687 CVE-2026-4688 CVE-2026-4689 CVE-2026-4690 CVE-2026-4691 CVE-2026-4692 CVE-2026-4693 CVE-2026-4694 CVE-2026-4695...

CVE-2026-4715

Uninitialized memory in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

DEBIAN-CVE-2026-4715

Uninitialized memory in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4715

Uninitialized memory in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4715

Uninitialized memory in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

Oracle Linux 10 : vim (ELSA-2026-4715)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-4715 advisory. 9.1.083-6.0.1.el101.1 - Remove upstream references Orabug: 31197557 2:9.1.083-6.1 - RHEL-147922 CVE-2026-25749 vim: Heap Overflow in Vim Tenable has extracted...

RHEL 10 : vim (RHSA-2026:4715)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:4715 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim: Arbitrary code execution via 'helpfile' option...

MiracleLinux 7 : libreoffice-5.3.6.1-24.el7 (AXSA:2020-4715:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4715:01 advisory. libreoffice: LibreLogo script can be manipulated into executing arbitrary python commands CVE-2019-9848 libreoffice: Insufficient URL validation...

CVE-2022-4715

The Structured Content WordPress plugin before 1.5.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

CVE-2010-4715

Multiple directory traversal vulnerabilities in the 1 WebAccess Agent and 2 Document Viewer Agent components in Novell GroupWise before 8.02HP allow remote attackers to read arbitrary files via unspecified vectors. NOTE: some of these details are obtained from third party information...

CVE-2025-4715 Campcodes Sales and Inventory System view_application.php sql injection

A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /pages/viewapplication.php. The manipulation of the argument cid leads to sql injection. The attack can be launched...

CVE-2025-4715

Campcodes Sales and Inventory System 1.0 contains a SQL injection in the /pages/view_application.php file. The vulnerability is triggered by manipulating the cid parameter, allowing remote exploitation. Multiple sources in the provided documents confirm the issue and its public disclosure, with n...