Search CVE reports
11 – 20 of 25 results
CVE-2011-1094
Medium prioritySome fixes available 3 of 9
kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof...
2 affected packages
kde4libs, kdelibs
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
CVE-2010-1730
Low priorityDolphin Browser 2.5.0 on the HTC Hero allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop.
3 affected packages
kde4libs, kdelibs, qt4-x11
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
CVE-2009-3933
Low priorityWebKit before r50173, as used in Google Chrome before 3.0.195.32, allows remote attackers to cause a denial of service (CPU consumption) via a web page that calls the JavaScript setInterval method, which triggers...
4 affected packages
kde4libs, kdelibs, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2009-2702
Medium prioritySome fixes available 9 of 11
KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL...
2 affected packages
kde4libs, kdelibs
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
CVE-2009-3015
Low priorityQtWeb 3.0 Builds 001 and 003 does not properly block javascript: and data: URIs in Refresh and Location headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to...
4 affected packages
kde4libs, kdelibs, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2009-2200
Low priorityWebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive...
4 affected packages
kde4libs, kdelibs, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2009-1725
Medium prioritySome fixes available 4 of 21
WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly...
4 affected packages
kde4libs, kdelibs, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2009-0689
Medium prioritySome fixes available 13 of 15
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2,...
3 affected packages
kde4libs, kdelibs, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| thunderbird | — | — | — | — | — |
CVE-2009-2061
Low prioritySome fixes available 12 of 22
Mozilla Firefox before 3.0.10 processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT...
8 affected packages
firefox, kde4libs, kdelibs, qt4-x11, seamonkey...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| seamonkey | — | — | — | — | — |
| webkit | — | — | — | — | — |
| xulrunner-1.9 | — | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-1709
Medium prioritySome fixes available 1 of 2
Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application...
4 affected packages
kde4libs, kdegraphics, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdegraphics | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |