Search CVE reports
311 – 320 of 355 results
CVE-2009-2797
Low prioritySome fixes available 1 of 8
The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote attackers to obtain sensitive...
2 affected packages
qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2009-2700
Medium prioritySome fixes available 4 of 5
src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to...
1 affected packages
qt4-x11
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qt4-x11 | — | — | — | — | — |
CVE-2009-3015
Low priorityQtWeb 3.0 Builds 001 and 003 does not properly block javascript: and data: URIs in Refresh and Location headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to...
4 affected packages
kde4libs, kdelibs, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2009-2200
Low priorityWebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive...
4 affected packages
kde4libs, kdelibs, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2009-2195
Medium priorityBuffer overflow in WebKit in Apple Safari before 4.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted floating-point numbers.
2 affected packages
qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2009-1724
Low priorityCross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script...
2 affected packages
qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2009-2419
Medium priorityUse-after-free vulnerability in the servePendingRequests function in WebCore in WebKit in Apple Safari 4.0 and 4.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a...
2 affected packages
qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2009-1725
Medium prioritySome fixes available 4 of 21
WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly...
4 affected packages
kde4libs, kdelibs, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2009-1692
Low priorityWebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset)...
2 affected packages
qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2009-2061
Low prioritySome fixes available 12 of 22
Mozilla Firefox before 3.0.10 processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT...
8 affected packages
firefox, kde4libs, kdelibs, qt4-x11, seamonkey...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| seamonkey | — | — | — | — | — |
| webkit | — | — | — | — | — |
| xulrunner-1.9 | — | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — | — |