Search CVE reports
771 – 780 of 1262 results
Some fixes available 4 of 15
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web...
4 affected packages
qtwebkit-opensource-src, qtwebkit-source, webkit, webkitgtk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qtwebkit-opensource-src | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkit | — | — | — | — |
| webkitgtk | — | — | — | — |
The API in the WebKit Plug-ins component in Apple Safari before 9 does not provide notification of an HTTP Redirection (aka 3xx) status code to a plugin, which allows remote attackers to bypass intended request restrictions via a...
4 affected packages
qtwebkit-opensource-src, qtwebkit-source, webkit, webkitgtk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qtwebkit-opensource-src | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkit | — | — | — | — |
| webkitgtk | — | — | — | — |
WebKit in Apple iOS before 9 mishandles "Content-Disposition: attachment" HTTP headers, which might allow man-in-the-middle attackers to obtain sensitive information via unspecified vectors.
4 affected packages
qtwebkit-opensource-src, qtwebkit-source, webkit, webkitgtk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qtwebkit-opensource-src | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkit | — | — | — | — |
| webkitgtk | — | — | — | — |
WebKit in Apple iOS before 9 allows man-in-the-middle attackers to conduct redirection attacks by leveraging the mishandling of the resource cache of an SSL web site with an invalid X.509 certificate.
4 affected packages
qtwebkit-opensource-src, qtwebkit-source, webkit, webkitgtk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qtwebkit-opensource-src | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkit | — | — | — | — |
| webkitgtk | — | — | — | — |
WebKit in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain an object reference via vectors involving a (1) custom event, (2) message event, or (3) pop state event.
4 affected packages
qtwebkit-opensource-src, qtwebkit-source, webkit, webkitgtk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qtwebkit-opensource-src | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkit | — | — | — | — |
| webkitgtk | — | — | — | — |
WebKit in Apple iOS before 9 does not properly select the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a...
4 affected packages
qtwebkit-opensource-src, qtwebkit-source, webkit, webkitgtk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qtwebkit-opensource-src | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkit | — | — | — | — |
| webkitgtk | — | — | — | — |
WebKit in Apple iOS before 9 does not properly restrict the availability of Performance API times, which allows remote attackers to obtain sensitive information about the browser history, mouse movement, or network traffic via...
4 affected packages
webkit, qtwebkit-opensource-src, qtwebkit-source, webkitgtk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| webkit | — | — | — | — |
| qtwebkit-opensource-src | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkitgtk | — | — | — | — |
WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a...
4 affected packages
qtwebkit-opensource-src, qtwebkit-source, webkit, webkitgtk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qtwebkit-opensource-src | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkit | — | — | — | — |
| webkitgtk | — | — | — | — |
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a...
4 affected packages
qtwebkit-opensource-src, qtwebkit-source, webkit, webkitgtk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qtwebkit-opensource-src | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkit | — | — | — | — |
| webkitgtk | — | — | — | — |
WebKit in Apple iOS before 9 allows remote attackers to trigger a dialing action via a crafted (1) tel://, (2) facetime://, or (3) facetime-audio:// URL.
4 affected packages
qtwebkit-opensource-src, qtwebkit-source, webkit, webkitgtk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qtwebkit-opensource-src | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkit | — | — | — | — |
| webkitgtk | — | — | — | — |