Search CVE reports
1041 – 1050 of 1231 results
WebKit in Apple Safari before 5.1.4 does not properly handle redirects in conjunction with HTTP authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header.
3 affected packages
qtwebkit-source, webkitgtk, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qtwebkit-source | — | — | — | — |
| webkitgtk | — | — | — | — |
| webkit | — | — | — | — |
WebKit in Apple Safari before 5.1.4 does not properly implement "From third parties and advertisers" cookie blocking, which makes it easier for remote web servers to track users via a cookie.
3 affected packages
qtwebkit-source, webkitgtk, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qtwebkit-source | — | — | — | — |
| webkitgtk | — | — | — | — |
| webkit | — | — | — | — |
Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors related to...
3 affected packages
webkitgtk, qtwebkit-source, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| webkitgtk | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkit | — | — | — | — |
Some fixes available 12 of 37
Google Chrome before 17.0.963.56 does not properly perform a cast of an unspecified variable during handling of columns, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a...
4 affected packages
chromium-browser, qtwebkit-source, webkitgtk, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkitgtk | — | — | — | — |
| webkit | — | — | — | — |
Some fixes available 12 of 37
Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
4 affected packages
chromium-browser, qtwebkit-source, webkitgtk, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkitgtk | — | — | — | — |
| webkit | — | — | — | — |
Some fixes available 12 of 37
Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service (application crash) via an empty X.509 certificate.
4 affected packages
qtwebkit-source, webkitgtk, chromium-browser, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qtwebkit-source | — | — | — | — |
| webkitgtk | — | — | — | — |
| chromium-browser | — | — | — | — |
| webkit | — | — | — | — |
Some fixes available 12 of 37
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to drag-and-drop operations.
4 affected packages
chromium-browser, qtwebkit-source, webkit, webkitgtk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkit | — | — | — | — |
| webkitgtk | — | — | — | — |
Some fixes available 12 of 37
translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network.
4 affected packages
chromium-browser, qtwebkit-source, webkit, webkitgtk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkit | — | — | — | — |
| webkitgtk | — | — | — | — |
Some fixes available 12 of 37
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading.
4 affected packages
chromium-browser, qtwebkit-source, webkit, webkitgtk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkit | — | — | — | — |
| webkitgtk | — | — | — | — |
Some fixes available 12 of 37
Unspecified vulnerability in the Native Client validator implementation in Google Chrome before 17.0.963.56 has unknown impact and remote attack vectors.
4 affected packages
chromium-browser, qtwebkit-source, webkit, webkitgtk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkit | — | — | — | — |
| webkitgtk | — | — | — | — |