Search CVE reports
5071 – 5080 of 44072 results
This issue was addressed through improved state management. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may...
5 affected packages
webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src, wpewebkit
| Package | 16.04 LTS |
|---|---|
| webkitgtk | Ignored |
| webkit2gtk | Ignored |
| qtwebkit-source | Ignored |
| qtwebkit-opensource-src | Ignored |
| wpewebkit | — |
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing web content may lead to a denial-of-service.
5 affected packages
webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src, wpewebkit
| Package | 16.04 LTS |
|---|---|
| webkitgtk | Ignored |
| webkit2gtk | Ignored |
| qtwebkit-source | Ignored |
| qtwebkit-opensource-src | Ignored |
| wpewebkit | — |
A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Copying a URL from Web Inspector may lead to command injection.
5 affected packages
webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src, wpewebkit
| Package | 16.04 LTS |
|---|---|
| webkitgtk | Ignored |
| webkit2gtk | Ignored |
| qtwebkit-source | Ignored |
| qtwebkit-opensource-src | Ignored |
| wpewebkit | — |
The issue was addressed with improved access restrictions to the file system. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, visionOS 2.3. A maliciously crafted webpage may be able to fingerprint...
5 affected packages
webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src, wpewebkit
| Package | 16.04 LTS |
|---|---|
| webkitgtk | Ignored |
| webkit2gtk | Ignored |
| qtwebkit-source | Ignored |
| qtwebkit-opensource-src | Ignored |
| wpewebkit | — |
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.2, tvOS 18.2, Safari 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to...
5 affected packages
webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src, wpewebkit
| Package | 16.04 LTS |
|---|---|
| webkitgtk | Ignored |
| webkit2gtk | Ignored |
| qtwebkit-source | Ignored |
| qtwebkit-opensource-src | Ignored |
| wpewebkit | — |
Cacti is an open source performance and fault management framework. Some of the data stored in automation_tree_rules.php is not thoroughly checked and is used to concatenate the SQL statement in build_rule_item_filter() function...
1 affected package
cacti
| Package | 16.04 LTS |
|---|---|
| cacti | Needs evaluation |
Cacti is an open source performance and fault management framework. An authenticated Cacti user can abuse graph creation and graph template functionality to create arbitrary PHP scripts in the web root of the application, leading...
1 affected package
cacti
| Package | 16.04 LTS |
|---|---|
| cacti | Needs evaluation |
fastd is a VPN daemon which tunnels IP packets and Ethernet frames over UDP. When receiving a data packet from an unknown IP address/port combination, fastd will assume that one of its connected peers has moved to a new address...
1 affected package
fastd
| Package | 16.04 LTS |
|---|---|
| fastd | Needs evaluation |
Cacti is an open source performance and fault management framework. Due to a flaw in multi-line SNMP result parser, authenticated users can inject malformed OIDs in the response. When processed by ss_net_snmp_disk_io()...
1 affected package
cacti
| Package | 16.04 LTS |
|---|---|
| cacti | Needs evaluation |
A cross-site scripting (XSS) vulnerability in the Product module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTMl via a crafted payload injected into the Title parameter.
1 affected package
dolibarr
| Package | 16.04 LTS |
|---|---|
| dolibarr | Needs evaluation |