Search CVE reports
301 – 310 of 355 results
CVE-2010-0661
Medium priorityWebCore/bindings/v8/custom/V8DOMWindowCustom.cpp in WebKit before r52401, as used in Google Chrome before 4.0.249.78, allows remote attackers to bypass the Same Origin Policy via vectors involving the window.open method.
3 affected packages
chromium-browser, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2010-0659
Medium priorityThe image decoder in WebKit before r52833, as used in Google Chrome before 4.0.249.78, does not properly handle a failure of memory allocation, which allows remote attackers to execute arbitrary code in the Chrome sandbox via a...
3 affected packages
chromium-browser, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2010-0656
Medium prioritySome fixes available 1 of 8
WebKit before r51295, as used in Google Chrome before 4.0.249.78, presents a directory-listing page in response to an XMLHttpRequest for a file:/// URL that corresponds to a directory, which allows attackers to obtain sensitive...
3 affected packages
chromium-browser, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2010-0651
Medium prioritySome fixes available 1 of 8
WebKit before r52784, as used in Google Chrome before 4.0.249.78 and Apple Safari before 4.0.5, permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the...
3 affected packages
chromium-browser, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2010-0650
Medium prioritySome fixes available 1 of 8
WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, allows remote attackers to bypass intended restrictions on popup windows via crafted use of a mouse click event.
3 affected packages
chromium-browser, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2010-0647
Medium prioritySome fixes available 1 of 8
WebKit before r53525, as used in Google Chrome before 4.0.249.89, allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed RUBY element, as demonstrated by a <ruby>><table><rt> sequence.
3 affected packages
chromium-browser, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2010-0314
Low prioritySome fixes available 1 of 8
Apple Safari allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading...
2 affected packages
qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2009-2841
Medium prioritySome fixes available 1 of 7
The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that...
2 affected packages
qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2009-2816
Medium priorityThe implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari before 4.0.4 and Google Chrome before 3.0.195.33, includes certain custom HTTP headers in the OPTIONS request during cross-origin...
2 affected packages
qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |
CVE-2009-3933
Low priorityWebKit before r50173, as used in Google Chrome before 3.0.195.32, allows remote attackers to cause a denial of service (CPU consumption) via a web page that calls the JavaScript setInterval method, which triggers...
4 affected packages
kde4libs, kdelibs, qt4-x11, webkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kde4libs | — | — | — | — | — |
| kdelibs | — | — | — | — | — |
| qt4-x11 | — | — | — | — | — |
| webkit | — | — | — | — | — |