Search CVE reports
1 – 10 of 35 results
CVE-2011-1094
Medium prioritySome fixes available 3 of 9
kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof...
2 affected packages
kde4libs, kdelibs
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
CVE-2010-1730
Low priorityDolphin Browser 2.5.0 on the HTC Hero allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop.
3 affected packages
kde4libs, kdelibs, qt4-x11
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
CVE-2009-3933
Low priorityWebKit before r50173, as used in Google Chrome before 3.0.195.32, allows remote attackers to cause a denial of service (CPU consumption) via a web page that calls the JavaScript setInterval method, which triggers...
4 affected packages
kde4libs, kdelibs, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2009-2702
Medium prioritySome fixes available 9 of 11
KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL...
2 affected packages
kde4libs, kdelibs
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
CVE-2009-3015
Low priorityQtWeb 3.0 Builds 001 and 003 does not properly block javascript: and data: URIs in Refresh and Location headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to...
4 affected packages
kde4libs, kdelibs, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2009-2200
Low priorityWebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive...
4 affected packages
kde4libs, kdelibs, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2009-1725
Medium prioritySome fixes available 4 of 21
WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly...
4 affected packages
kde4libs, kdelibs, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2009-0689
Medium prioritySome fixes available 13 of 15
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2,...
3 affected packages
kde4libs, kdelibs, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| thunderbird | — | — | — | — | — |
CVE-2009-2061
Low prioritySome fixes available 12 of 22
Mozilla Firefox before 3.0.10 processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT...
8 affected packages
firefox, kde4libs, kdelibs, qt4-x11, seamonkey...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| seamonkey | — | — | — | — | — |
| webkit | — | — | — | — | — |
| xulrunner-1.9 | — | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-1698
Medium prioritySome fixes available 13 of 16
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a...
4 affected packages
kde4libs, kdelibs, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |