Search CVE reports


Toggle filters

11 – 20 of 25 results


CVE-2011-1094

Medium priority

Some fixes available 3 of 9

kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof...

2 affected packages

kde4libs, kdelibs

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
kde4libs
kdelibs
Show less packages

CVE-2010-1730

Low priority
Ignored

Dolphin Browser 2.5.0 on the HTC Hero allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop.

3 affected packages

kde4libs, kdelibs, qt4-x11

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
kde4libs
kdelibs
qt4-x11
Show less packages

CVE-2009-3933

Low priority
Ignored

WebKit before r50173, as used in Google Chrome before 3.0.195.32, allows remote attackers to cause a denial of service (CPU consumption) via a web page that calls the JavaScript setInterval method, which triggers...

4 affected packages

kde4libs, kdelibs, qt4-x11, webkit

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
kde4libs
kdelibs
qt4-x11
webkit
Show less packages

CVE-2009-2702

Medium priority

Some fixes available 9 of 11

KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL...

2 affected packages

kde4libs, kdelibs

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
kde4libs
kdelibs
Show less packages

CVE-2009-3015

Low priority
Ignored

QtWeb 3.0 Builds 001 and 003 does not properly block javascript: and data: URIs in Refresh and Location headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to...

4 affected packages

kde4libs, kdelibs, qt4-x11, webkit

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
kde4libs
kdelibs
qt4-x11
webkit
Show less packages

CVE-2009-2200

Low priority
Ignored

WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive...

4 affected packages

kde4libs, kdelibs, qt4-x11, webkit

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
kde4libs
kdelibs
qt4-x11
webkit
Show less packages

CVE-2009-1725

Medium priority

Some fixes available 4 of 21

WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly...

4 affected packages

kde4libs, kdelibs, qt4-x11, webkit

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
kde4libs
kdelibs
qt4-x11
webkit
Show less packages

CVE-2009-0689

Medium priority

Some fixes available 13 of 15

Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2,...

3 affected packages

kde4libs, kdelibs, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
kde4libs
kdelibs
thunderbird
Show less packages

CVE-2009-2061

Low priority

Some fixes available 12 of 22

Mozilla Firefox before 3.0.10 processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT...

8 affected packages

firefox, kde4libs, kdelibs, qt4-x11, seamonkey...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
kde4libs
kdelibs
qt4-x11
seamonkey
webkit
xulrunner-1.9
xulrunner-1.9.1
Show all 8 packages Show less packages

CVE-2009-1709

Medium priority

Some fixes available 1 of 2

Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application...

4 affected packages

kde4libs, kdegraphics, qt4-x11, webkit

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
kde4libs
kdegraphics
qt4-x11
webkit
Show less packages