Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kde kde 2.2.2 vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2003-0690
KDM in KDE 3.1.3 and previous versions does not verify whether the pam_setcred function call succeeds, which may allow malicious users to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module.
Kde Kde 1.1
Kde Kde 1.1.1
Kde Kde 2.1.1
Kde Kde 2.1.2
Kde Kde 3.0.3a
Kde Kde 3.0.4
Kde Kde 3.1.2
Kde Kde 3.1.3
Kde Kde 2.0
Kde Kde 2.0.1
Kde Kde 3.0
Kde Kde 3.0.1
Kde Kde 3.0.5b
Kde Kde 3.1
Kde Kde 2.0 Beta
Kde Kde 2.1
Kde Kde 3.0.2
Kde Kde 3.0.3
Kde Kde 3.1.1
Kde Kde 3.1.1a
Kde Kde 1.1.2
Kde Kde 1.2
755
VMScore
CVE-2004-1165
Konqueror 3.3.1 allows remote malicious users to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT co...
Kde Kdelibs 3.1.4
Kde Kdelibs 3.1.5
Kde Kdelibs 3.2
Kde Kdelibs 3.2.1
Kde Kdelibs 3.1
Kde Kdelibs 3.2.2
Kde Konqueror 3.3.1
Kde Kdelibs 3.1.1
Kde Kdelibs 3.1.2
Kde Kdelibs 3.1.3
1 EDB exploit
668
VMScore
CVE-2004-1158
Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote malicious users to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a ...
Kde Konqueror 2.2.1
Kde Konqueror 2.2.2
Kde Konqueror 3.0
Kde Konqueror 3.1.1
Kde Konqueror 3.1.2
Kde Konqueror 3.3
Kde Konqueror 3.3.1
Kde Konqueror 2.1.1
Kde Konqueror 2.1.2
Kde Konqueror 3.0.5b
Kde Konqueror 3.1
Kde Konqueror 3.2.2.6
Kde Konqueror 3.2.3
Kde Konqueror 3.0.3
Kde Konqueror 3.0.5
Kde Konqueror 3.1.5
Kde Konqueror 3.2.1
Kde Konqueror 3.0.1
Kde Konqueror 3.0.2
Kde Konqueror 3.1.3
Kde Konqueror 3.1.4
Kde Konqueror 3.3.2
668
VMScore
CVE-2004-0867
Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote malicious users to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported th...
Kde Konqueror 2.2.1
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.1.1
Kde Konqueror 3.1.2
Microsoft Ie 6.0
Kde Konqueror 2.1.1
Kde Konqueror 2.1.2
Kde Konqueror 3.0.5
Kde Konqueror 3.0.5b
Kde Konqueror 3.2.3
Microsoft Internet Explorer 6.0
Kde Konqueror 3.0
Kde Konqueror 3.0.1
Kde Konqueror 3.1.3
Kde Konqueror 3.1.4
Mozilla Firefox 0.9.2
Kde Konqueror 3.0.2
Kde Konqueror 3.0.3
Kde Konqueror 3.1.5
Kde Konqueror 3.2.1
Suse Suse Linux 9.0
668
VMScore
CVE-2004-0866
Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote malicious users to perform a session fixation attack and hijack a user's HTTP session.
Kde Konqueror 3.0.2
Kde Konqueror 3.0.3
Kde Konqueror 3.1.4
Kde Konqueror 3.1.5
Kde Konqueror 3.0
Kde Konqueror 3.0.1
Kde Konqueror 3.1.2
Kde Konqueror 3.1.3
Mozilla Firefox 0.9.2
Kde Konqueror 2.1.1
Kde Konqueror 2.1.2
Kde Konqueror 3.0.5
Kde Konqueror 3.0.5b
Kde Konqueror 3.2.1
Kde Konqueror 3.2.3
Microsoft Internet Explorer 6.0
Kde Konqueror 2.2.1
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.1.1
Microsoft Ie 6.0
Suse Suse Linux 1.0
668
VMScore
CVE-2003-0592
Konqueror in KDE 3.1.3 and previous versions (kdelibs) allows remote malicious users to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outsi...
Kde Konqueror 2.1.1
Kde Konqueror 3.1
Kde Konqueror 3.1.1
Kde Konqueror 2.2.2
Kde Konqueror 3.0
Kde Konqueror 3.1.2
Kde Konqueror Embedded 0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.0.5
Kde Konqueror 3.0.1
Kde Konqueror 3.0.2
668
VMScore
CVE-2003-0692
KDM in KDE 3.1.3 and previous versions uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows malicious users to guess session cookies via brute force methods and gain access to the user session.
Kde Kde 2.0.1
Kde Kde 2.0 Beta
Kde Kde 2.1
Kde Kde 3.0.1
Kde Kde 3.0.2
Kde Kde 3.1
Kde Kde 3.1.1
Kde Kde 1.1.1
Kde Kde 1.1.2
Kde Kde 2.2
Kde Kde 2.2.1
Kde Kde 3.0.4
Kde Kde 3.0.5
Kde Kde 3.1.3
Kde Kde 1.2
Kde Kde 2.0
Kde Kde 2.2.2
Kde Kde 3.0
Kde Kde 3.0.5a
Kde Kde 3.0.5b
Kde Kde 1.1
Kde Kde 2.1.1
668
VMScore
CVE-2003-0370
Konqueror Embedded and KDE 2.2.2 and previous versions does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote malicious users to spoof certificates via a man-in-the-middle attack.
Apple Safari 1.0
Kde Konqueror Embedded 0.1
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Workstation 8.0
Redhat Linux 7.1
Redhat Linux 7.2
Turbolinux Turbolinux Server 7.0
Turbolinux Turbolinux Workstation 7.0
Kde Kde
668
VMScore
CVE-2003-0204
KDE 2 and KDE 3.1.1 and previous versions 3.x versions allows malicious users to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer.
Kde Kde 2.0
Kde Kde 2.2.2
Kde Kde 3.0
Kde Kde 3.1
Kde Kde 3.1.1
Kde Kde 2.0.1
Kde Kde 2.1
Kde Kde 3.0.1
Kde Kde 3.0.2
Kde Kde 2.1.1
Kde Kde 2.1.2
Kde Kde 3.0.3
Kde Kde 3.0.3a
Kde Kde 2.2
Kde Kde 2.2.1
Kde Kde 3.0.4
Kde Kde 3.0.5
Kde Kde 3.0.5a
668
VMScore
CVE-2002-1393
Multiple vulnerabilities in KDE 2 and KDE 3.x up to and including 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote malicious users to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses.
Kde Kde 2.1
Kde Kde 2.1.1
Kde Kde 2.1.2
Kde Kde 3.0.3
Kde Kde 3.0.3a
Kde Kde 2.2
Kde Kde 2.2.1
Kde Kde 3.0.4
Kde Kde 3.0.5
Kde Kde 2.2.2
Kde Kde 3.0
Kde Kde 2.0
Kde Kde 2.0.1
Kde Kde 3.0.1
Kde Kde 3.0.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »