CVEs (4)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes...Show more |
2Kde Redhat8Analog Real Time Synthesizer KdebaseKdelibs+5 moreApr 16, 2026 Aug 27, 2003 N/A· v4 N/A· v3 5.0 MEDIUM· v2 KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pa...Show more |
4Apple KdeRedhat+1 more6Kde Konqueror EmbeddedLinux+3 moreApr 16, 2026 Jun 16, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. |
Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates. |