62 matches found
qt5-webengine -- Multiple vulnerabilities
Backports for 2 security bugs in Chromium: CVE-2024-3157: Out of bounds write in Compositing CVE-2024-3516: Heap buffer overflow in ANGLE...
qt6-webengine -- Multiple vulnerabilities
Qt qtwebengine-chromium repo reports: Backports for 16 security bugs in Chromium: CVE-2024-2625: Object lifecycle issue in V8 CVE-2024-2626: Out of bounds read in Swiftshader CVE-2024-2885: Use after free in Dawn CVE-2024-2887: Type Confusion in WebAssembly CVE-2024-3157: Out of bounds write in...
FreeBSD : qt6-webengine -- Multiple vulnerabilities (bbcb1584-c068-11ee-bdd6-4ccc6adda413)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the bbcb1584-c068-11ee-bdd6-4ccc6adda413 advisory. - Use after free in Web Audio in Google Chrome prior to 121.0.6167.85 allowed a remote attacke...
FreeBSD : qt5-webengine -- Multiple vulnerabilities (a11e7dd1-bed4-11ee-bdd6-4ccc6adda413)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the a11e7dd1-bed4-11ee-bdd6-4ccc6adda413 advisory. - Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker...
FreeBSD : qt6-webengine -- Multiple vulnerabilities (a25b323a-bed9-11ee-bdd6-4ccc6adda413)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the a25b323a-bed9-11ee-bdd6-4ccc6adda413 advisory. - Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker...
qt6-webengine -- Multiple vulnerabilities
Qt qtwebengine-chromium repo reports: Backports for 3 security bugs in Chromium: 1505080 High CVE-2024-0807: Use after free in WebAudio 1504936 Critical CVE-2024-0808: Integer underflow in WebUI 1496250 Medium CVE-2024-0810: Insufficient policy enforcement in DevTools...
qt5-webengine -- Multiple vulnerabilities
Qt qtwebengine-chromium repo reports: Backports for 8 security bugs in Chromium: 1505053 High CVE-2023-6345: Integer overflow in Skia 1501326 High CVE-2023-6702: Type Confusion in V8 1513170 High CVE-2023-7024: Heap buffer overflow in WebRTC 1501798 High CVE-2024-0222: Use after free in ANGLE...
qt6-webengine -- Multiple vulnerabilities
Qt qtwebengine-chromium repo reports: Backports for 15 security bugs in Chromium: 1505053 High CVE-2023-6345: Integer overflow in Skia 1500856 High CVE-2023-6346: Use after free in WebAudio 1494461 High CVE-2023-6347: Use after free in Mojo 1501326 High CVE-2023-6702: Type Confusion in V8 1502102...
Qt WebEngine: Multiple vulnerabilities
Background Library for rendering dynamic web content in Qt5 C++ and QML applications. Description Multiple vulnerabilities have been discovered in Qt WebEngine. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...
GLSA-202101-30 : Qt WebEngine: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202101-30 Qt WebEngine: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Qt WebEngine. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers...
JavaFX WebEngine does not properly restrict Java method execution
Overview JavaFX, GUI library for Java applications, is provided with OracleJDK 7 through 10. Since OracleJDK 11, JavaFX is separately maintained and developed by OpenJFX project under OpenJDK community. JavaFX WebEngine component is capable of web content rendering, and possible to be configured ...
JVN#62161191: JavaFX WebEngine does not properly restrict Java method execution
JavaFX, GUI library for Java applications, is provided with OracleJDK 7 through 10. Since OracleJDK 11, JavaFX is separately maintained and developed by OpenJFX project under OpenJDK community. JavaFX WebEngine component is capable of web content rendering, and possible to be configured to allow...
GLSA-202004-04 : Qt WebEngine: Arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-202004-04 Qt WebEngine: Arbitrary code execution A use-after-free vulnerability has been found in the audio component of Qt WebEngine. Impact : A remote attacker could entice a user to open a specially crafted media file in an...
Qt WebEngine: Arbitrary code execution
Background Library for rendering dynamic web content in Qt5 C++ and QML applications. Description A use-after-free vulnerability has been found in the audio component of Qt WebEngine. Impact A remote attacker could entice a user to open a specially crafted media file in an application linked...
[ASA-201911-2] qt5-webengine: arbitrary code execution
Arch Linux Security Advisory ASA-201911-2 ========================================= Severity: Critical Date : 2019-11-02 CVE-ID : CVE-2019-13720 Package : qt5-webengine Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1059 Summary ======= The package...
UBUNTU-CVE-2015-1290
The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service memory corruption or execute arbitrary code via a crafted web site...
[ASA-201707-4] qt5-webengine: multiple issues
Arch Linux Security Advisory ASA-201707-4 ========================================= Severity: Critical Date : 2017-07-04 CVE-ID : CVE-2017-5070 CVE-2017-5071 CVE-2017-5075 CVE-2017-5076 CVE-2017-5077 CVE-2017-5078 CVE-2017-5079 CVE-2017-5083 CVE-2017-5088 CVE-2017-5089 Package : qt5-webengine Typ...
[ASA-201612-18] qt5-webengine: multiple issues
Arch Linux Security Advisory ASA-201612-18 ========================================== Severity: Critical Date : 2016-12-17 CVE-ID : CVE-2016-5133 CVE-2016-5147 CVE-2016-5153 CVE-2016-5155 CVE-2016-5161 CVE-2016-5166 CVE-2016-5170 CVE-2016-5171 CVE-2016-5172 CVE-2016-5181 CVE-2016-5185 CVE-2016-51...
蓝太平洋网站决策支持系统webeng~1.bz2配置文件下载漏洞
蓝太平洋网站决策支持系统WebEngine存在利用短文件漏洞下载明文系统配置文件可泄漏管理员明文密码等系统敏感配置信息 部分部署安装在win+apache环境下存在缺陷通过短文件漏洞实现利用。 配置文件中包涵了账号密码: poc导出的密码:...
Web Crawler : Web Application Crawler - New Release
Web Crawler is a open source application that is based on the WebEngine library. WebEngine is the set of tools for performing black-box web-sites testing and other similar tasks. It provides tools means for reception of documents from a web-server, parse HTML pages, their comparisons, search...