厂商或团体 kde 的搜索结果 (156)

CVE-2015-7543(发布:2017-07-25 10:29:00)NM
CVSS4.4

[原文]aRts 1.5.10 and kdelibs3 3.5.10 and earlier do not properly create temporary directories, which allows local users to hijack the IPC by pre-creating the temporary directory.

CVE-2017-8422(发布:2017-05-17 10:29:00)NMPS
CVSS7.2

[原文]KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.

CVE-2016-7967(发布:2016-12-23 17:59:00)NM
CVSS5.8

[原文]KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. Since the generated html is executed in the local file security context by default access to remote and local URLs was enabled.

CVE-2016-7968(发布:2016-12-23 17:59:00)NM
CVSS7.5

[原文]KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. HTML Mail contents were not sanitized for JavaScript and included code was executed.

CVE-2016-7966(发布:2016-12-23 17:59:00)NMPS
CVSS7.5

[原文]Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which greatly reduces the available HTML functionality. Although it is possible to include an HTML comment indicator to hide content.

CVE-2016-7787(发布:2016-12-23 17:59:00)NMS
CVSS4.0

[原文]A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user.

12345678下一页尾页 第1页 / 共26页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站