Search CVE reports
21 – 30 of 356 results
Some fixes available 3 of 7
The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.
2 affected packages
qt4-x11, qtbase-opensource-src
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qt4-x11 | — | — | — | — |
| qtbase-opensource-src | — | — | — | — |
Some fixes available 29 of 39
QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE) attack.
3 affected packages
phantomjs, qt4-x11, qtbase-opensource-src
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| phantomjs | — | — | — | Not affected |
| qt4-x11 | — | — | — | Fixed |
| qtbase-opensource-src | — | — | — | Fixed |
Some fixes available 4 of 5
The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read...
1 affected package
qt4-x11
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qt4-x11 | — | — | — | — |
Some fixes available 4 of 5
The QSslSocket::sslErrors function in Qt before 4.6.5, 4.7.x before 4.7.6, 4.8.x before 4.8.5, when using certain versions of openSSL, uses an "incompatible structure layout" that can read memory from the wrong location, which...
1 affected package
qt4-x11
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qt4-x11 | — | — | — | — |
Some fixes available 3 of 4
The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file:...
1 affected package
qt4-x11
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qt4-x11 | — | — | — | — |
Some fixes available 21 of 34
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle...
6 affected packages
apache2, chromium-browser, nss, openssl, openssl098, qt4-x11
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| apache2 | — | — | — | — |
| chromium-browser | — | — | — | — |
| nss | — | — | — | — |
| openssl | — | — | — | — |
| openssl098 | — | — | — | — |
| qt4-x11 | — | — | — | — |
Some fixes available 2 of 28
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to video source handling.
5 affected packages
chromium-browser, qt4-x11, qtwebkit-source, webkit, webkitgtk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| qt4-x11 | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkit | — | — | — | — |
| webkitgtk | — | — | — | — |
Some fixes available 2 of 28
Heap-based buffer overflow in the Web Audio implementation in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
5 affected packages
webkit, chromium-browser, qt4-x11, qtwebkit-source, webkitgtk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| webkit | — | — | — | — |
| chromium-browser | — | — | — | — |
| qt4-x11 | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkitgtk | — | — | — | — |
Some fixes available 2 of 28
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations...
5 affected packages
chromium-browser, qt4-x11, qtwebkit-source, webkit, webkitgtk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| qt4-x11 | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkit | — | — | — | — |
| webkitgtk | — | — | — | — |
Some fixes available 2 of 28
Google Chrome before 15.0.874.102 does not properly handle javascript: URLs, which allows remote attackers to bypass intended access restrictions and read cookies via unspecified vectors.
5 affected packages
chromium-browser, qt4-x11, qtwebkit-source, webkit, webkitgtk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| qt4-x11 | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkit | — | — | — | — |
| webkitgtk | — | — | — | — |