厂商或团体 kde 的搜索结果 (158)

CVE-2014-8878(发布:2017-09-27 21:29:00)NMCS
CVSS4.3

[CNNVD]KMail 安全漏洞--Kontact是KDE社区开发的一套个人信息管理器和组件的软件套件。KMail是其中的一个电子邮件组件。 KMail中存在安全漏洞。攻击者可利用该漏洞获取敏感信息。

CVE-2015-7543(发布:2017-07-25 10:29:00)NM
CVSS4.4

[原文]aRts 1.5.10 and kdelibs3 3.5.10 and earlier do not properly create temporary directories, which allows local users to hijack the IPC by pre-creating the temporary directory.

CVE-2017-8422(发布:2017-05-17 10:29:00)NMPS
CVSS7.2

[原文]KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.

CVE-2017-6410(发布:2017-03-02 01:59:01)NMP
CVSS4.3

[原文]kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote attackers to obtain sensitive information via a crafted PAC file.

CVE-2016-7967(发布:2016-12-23 17:59:00)NM
CVSS5.8

[原文]KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. Since the generated html is executed in the local file security context by default access to remote and local URLs was enabled.

CVE-2016-7968(发布:2016-12-23 17:59:00)NM
CVSS7.5

[原文]KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. HTML Mail contents were not sanitized for JavaScript and included code was executed.

12345678下一页尾页 第1页 / 共27页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站