109 matches found
Oracle Linux 7 : firefox (ELSA-2026-8427)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-8427 advisory. - Update to 140.9.0 ESR Orabug: 39361657 CVE-2026-4684 CVE-2026-4685 CVE-2026-4686 CVE-2026-4687 CVE-2026-4688 CVE-2026-4689 CVE-2026-4690...
CVE-2026-4720 vulnerabilities
Vulnerabilities for packages: firefox...
CVE-2026-4720
creationtimestamp| type| source
---|---|---
2026-03-25 03:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities20260325
2026-03-25 04:01:27+00:00| seen| https://bsky.app/profile/slackers.it/post/3mhu7d6hbhv2w
2026-03-29 17:00:00+00:00| seen|...
firefox-esr-140.9.0-1.1 on GA media (moderate)
firefox-esr-140.9.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10413-1 Rating: moderate Cross-References: CVE-2025-59375 CVE-2026-4684 CVE-2026-4685 CVE-2026-4686 CVE-2026-4687 CVE-2026-4688 CVE-2026-4689 CVE-2026-4690 CVE-2026-4691 CVE-2026-4692 CVE-2026-4693 CVE-2026-4694 CVE-2026-4695...
DEBIAN-CVE-2026-4720
Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...
CVE-2026-4720
Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...
CVE-2014-4720
Email::Address module before 1.904 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service (CPU consumption) via vectors related to "backtracking into the phrase," a different vulnerability than CVE-2014-0477...
CVE-2023-4720
Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV...
CVE-2025-20779
Summary: CVE-2025-20779 describes a use-after-free vulnerability in display handling caused by a race condition, leading to local escalation of privilege if an attacker already has System privileges. The issue is exploitable without user interaction and is categorized with a local attack vector. ...
RHSA-2023:4720
creationtimestamp| type| source
---|---|---
2025-06-18 14:41:56+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18752...
CVE-2022-4720
Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5...
CVE-2005-4720
Mozilla Firefox 1.0.7 and earlier on Linux allows remote attackers to cause a denial of service (client crash) via an IFRAME element with a large value of the WIDTH attribute, which triggers a problem related to representation of floating-point numbers, leading to an infinite loop of widget resizes...
CVE-2025-4720
A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file academic/core/drop_student.php. The manipulation of the argument img leads to path traversal. The attack can be initiated remotely...
CVE-2025-4720
creationtimestamp| type| source
---|---|---
2025-05-15 21:33:31+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16576...
CVE-2025-4720
A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file academic/core/drop_student.php. The manipulation of the argument img leads to path traversal. The attack can be initiated remotely...
CVE-2025-4720
The CVE-2025-4720 entry concerns SourceCodester Student Result Management System 1.0, with a path traversal vulnerability in the file academic/core/drop_student.php. The issue arises from unsafely handling the img parameter, allowing an attacker to traverse the filesystem and potentially access r...
Linux Distros Unpatched Vulnerability : CVE-2023-4720
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV. CVE-2023-4720 Note that Nessus relies on the presence of the...
Security Bulletin: Daeja ViewONE may return unauthorised content
Summary: An authenticated user of ViewONE may be able to access ViewONE cached content that they do not have repository authorisation to view. Vulnerability Details: CVEID: CVE-2020-4720 DESCRIPTION: IBM Daeja ViewONE Professional, Standard & Virtual could allow an authenticated user to obtain...
AlmaLinux 8 : httpd:2.4 (ALSA-2024:4720)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4720 advisory. httpd: Encoding problem in mod_proxy CVE-2024-38473 httpd: Substitution encoding issue in mod_rewrite CVE-2024-38474 httpd: Improper escaping of output in...
Oracle Linux 8 : httpd:2.4 (ELSA-2024-4720)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4720 advisory. - Resolves: RHEL-45812 - httpd:2.4/httpd: Substitution encoding issue in mod_rewrite CVE-2024-38474 - Resolves: RHEL-45785 - httpd:2.4/httpd: Encoding...