Search CVE reports
1 – 10 of 35 results
Some fixes available 3 of 9
kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof...
2 affected packages
kde4libs, kdelibs
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kde4libs | — | — | — | — |
| kdelibs | — | — | — | — |
Dolphin Browser 2.5.0 on the HTC Hero allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop.
3 affected packages
kde4libs, kdelibs, qt4-x11
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kde4libs | — | — | — | — |
| kdelibs | — | — | — | — |
| qt4-x11 | — | — | — | — |
WebKit before r50173, as used in Google Chrome before 3.0.195.32, allows remote attackers to cause a denial of service (CPU consumption) via a web page that calls the JavaScript setInterval method, which triggers...
4 affected packages
kde4libs, kdelibs, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kde4libs | — | — | — | — |
| kdelibs | — | — | — | — |
| qt4-x11 | — | — | — | — |
| webkit | — | — | — | — |
Some fixes available 9 of 11
KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL...
2 affected packages
kde4libs, kdelibs
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kde4libs | — | — | — | — |
| kdelibs | — | — | — | — |
QtWeb 3.0 Builds 001 and 003 does not properly block javascript: and data: URIs in Refresh and Location headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to...
4 affected packages
kde4libs, kdelibs, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kde4libs | — | — | — | — |
| kdelibs | — | — | — | — |
| qt4-x11 | — | — | — | — |
| webkit | — | — | — | — |
WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive...
4 affected packages
kde4libs, kdelibs, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kde4libs | — | — | — | — |
| kdelibs | — | — | — | — |
| qt4-x11 | — | — | — | — |
| webkit | — | — | — | — |
Some fixes available 4 of 21
WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly...
4 affected packages
kde4libs, kdelibs, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kde4libs | — | — | — | — |
| kdelibs | — | — | — | — |
| qt4-x11 | — | — | — | — |
| webkit | — | — | — | — |
Some fixes available 13 of 15
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2,...
3 affected packages
kde4libs, kdelibs, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kde4libs | — | — | — | — |
| kdelibs | — | — | — | — |
| thunderbird | — | — | — | — |
Some fixes available 12 of 22
Mozilla Firefox before 3.0.10 processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT...
8 affected packages
firefox, kde4libs, kdelibs, qt4-x11, seamonkey...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| kde4libs | — | — | — | — |
| kdelibs | — | — | — | — |
| qt4-x11 | — | — | — | — |
| seamonkey | — | — | — | — |
| webkit | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |
Some fixes available 13 of 16
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a...
4 affected packages
kde4libs, kdelibs, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kde4libs | — | — | — | — |
| kdelibs | — | — | — | — |
| qt4-x11 | — | — | — | — |
| webkit | — | — | — | — |