64 matches found
USN-3828-1: WebKitGTK+ vulnerabilities
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...
USN-3781-2: WebKitGTK+ regression
USN-3781-1 fixed vulnerabilities in WebKitGTK+. The updated package was missing some header files, preventing certain applications from building. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A large number of security issues were discovered in the...
USN-3687-1: WebKitGTK+ vulnerabilities
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...
USN-3640-1: WebKitGTK+ vulnerability
Ivan Fratric discovered that WebKitGTK+ incorrectly handled certain web content. If a user were tricked into viewing a malicious website, a remote attacker could possibly exploit this to execute arbitrary code...
USN-3635-1: WebKitGTK+ vulnerabilities
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...
USN-3551-1: WebKitGTK+ vulnerabilities
Multiple security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the user interface, or execute arbitrary code. CVE-2018-4088,...
USN-3514-1: WebKitGTK+ vulnerabilities
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...
USN-3481-1: WebKitGTK+ vulnerabilities
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...
USN-3460-1: WebKitGTK+ vulnerabilities
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...
USN-3376-1: WebKitGTK+ vulnerabilities
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...
USN-3303-1: WebKitGTK+ vulnerabilities
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...
USN-3200-1: WebKitGTK+ vulnerabilities
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...
USN-3191-1: WebKitGTK+ vulnerabilities
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...
Cross site scripting
Cross-site scripting XSS vulnerability in Content Navigator in Content Engine in IBM FileNet Content Manager 5.2.x before 5.2.0.3-P8CPE-IF003 and Content Foundation 5.2.x before 5.2.0.3-P8CPE-IF003 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...
CVE-2014-4763
Cross-site scripting XSS vulnerability in Content Navigator in Content Engine in IBM FileNet Content Manager 5.2.x before 5.2.0.3-P8CPE-IF003 and Content Foundation 5.2.x before 5.2.0.3-P8CPE-IF003 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...
USN-1617-1: WebKit vulnerabilities
A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...
CVE-2011-1046
CVE-2011-1046 : IBM FileNet P8 Content Engine (P8CE) versions 4.0.1–5.0.0 (used in FileNet P8 CM and BPM) do not require the PRIVILEGED_WRITE access role for all intended Object Store modifications, allowing remote attackers to change a privileged property of an object through unspecified vectors...
CVE-2011-1046
IBM FileNet P8 Content Engine aka P8CE 4.0.1 through 5.0.0, as used in FileNet P8 Content Manager CM and FileNet P8 Business Process Manager BPM, does not require the PRIVILEGEDWRITE access role for all intended Object Store modifications, which allows remote attackers to change a privileged...
CVE-2010-2518
Unspecified vulnerability in the P8 Content Engine P8CE 4.5.1 before FP3 and the P8 Content Search Engine P8CSE before 4.5.0 FP3 and 4.5.1 before FP1, as used in IBM FileNet P8 Content Manager CM and FileNet P8 Business Process Manager BPM, allows remote attackers to gain privileges via unknown...
Information disclosure
Unspecified vulnerability in the P8 Content Engine P8CE 4.5.1 before FP3 and the P8 Content Search Engine P8CSE before 4.5.0 FP3 and 4.5.1 before FP1, as used in IBM FileNet P8 Content Manager CM and FileNet P8 Business Process Manager BPM, allows remote attackers to gain privileges via unknown...