CVE-2024-1433 KDE Plasma Workspace Theme File eventpluginsmanager.cpp enabledPlugins path traversal

A vulnerability, which was classified as problematic, was found in KDE Plasma Workspace up to 5.93.0. This affects the function EventPluginsManager::enabledPlugins of the file components/calendar/eventpluginsmanager.cpp of the component Theme File Handler. The manipulation of the argument pluginI...

CVE-2018-5168

Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects...

UBUNTU-CVE-2017-15228

Irssi before 1.0.5, when installing themes with unterminated colour formatting sequences, may access data beyond the end of the string...

CVE-2017-8101

There is CSRF in Serendipity 2.0.5, allowing attackers to install any themes via a GET request...

The vulnerability of the Firefox browser, which allows a remote attacker to bypass security restrictions

The vulnerability of Firefox lies in the ability to install extensions for lightweight themes without using an HTTPS connection. Exploiting this vulnerability allows a malicious individual to bypass user authentication by using a specially crafted website and by replacing the DNS request for...