rpm package
suse/kdelibs4&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1
pkg:rpm/suse/kdelibs4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-8079 | Med | 5.3 | < 4.12.0-7.3 | 4.12.0-7.3 | Sep 7, 2017 | qt5-qtwebkit before 5.4 records private browsing URLs to its favicon database, WebpageIcons.db. | |
| CVE-2017-8422 | Hig | 7.8 | < 4.12.0-10.1 | 4.12.0-10.1 | May 17, 2017 | KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app. | |
| CVE-2016-6354 | Cri | 9.8 | < 4.12.0-7.3 | 4.12.0-7.3 | Sep 21, 2016 | Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read. |
- affected < 4.12.0-7.3fixed 4.12.0-7.3
qt5-qtwebkit before 5.4 records private browsing URLs to its favicon database, WebpageIcons.db.
- affected < 4.12.0-10.1fixed 4.12.0-10.1
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.
- affected < 4.12.0-7.3fixed 4.12.0-7.3
Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read.