Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kde kde applications vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-28117
libdiscover/backends/KNSBackend/KNSResource.cpp in KDE Discover prior to 5.21.3 automatically creates links to potentially dangerous URLs (that are neither https:// nor http://) based on the content of the store.kde.org web site. (5.18.7 is also a fixed version.)
Kde Discover
5
CVSSv2
CVE-2018-19516
messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications prior to 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value.
Kde Kde Applications
5
CVSSv2
CVE-2018-19120
The HTML thumbnailer plugin in KDE Applications prior to 18.12.0 allows malicious users to trigger outbound TCP connections to arbitrary IP addresses, leading to disclosure of the source IP address.
Kde Kde Applications
7.2
CVSSv2
CVE-2018-10361
An issue exists in KTextEditor 5.34.0 up to and including 5.45.0. Insecure handling of temporary files in the KTextEditor's kauth_ktexteditor_helper service (as utilized in the Kate text editor) can allow other unprivileged users on the local system to gain root privileges. ...
Kde Ktexteditor
5
CVSSv2
CVE-2017-9604
KDE kmail prior to 5.5.2 and messagelib prior to 5.5.2, as distributed in KDE Applications prior to 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote malicious users to obtain sensitive information by ...
Kde Messagelib
Kde Kmail
6.8
CVSSv2
CVE-2017-5330
ark prior to 16.12.1 might allow remote malicious users to execute arbitrary code via an executable in an archive, related to associated applications.
Fedoraproject Fedora 25
Kde Ark
5
CVSSv2
CVE-2016-6232
Directory traversal vulnerability in KArchive prior to 5.24, as used in KDE Frameworks, allows remote malicious users to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads.
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Kde Karchives
5
CVSSv2
CVE-2013-7252
kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ECB mode instead of CBC mode when encrypting the password store, which makes it easier for malicious users to guess passwords via a codebook attack.
Kde Kde Applications
6.8
CVSSv2
CVE-2009-2408
Mozilla Network Security Services (NSS) prior to 3.12.3, Firefox prior to 3.0.13, Thunderbird prior to 2.0.0.23, and SeaMonkey prior to 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, ...
Mozilla Network Security Services
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Suse Linux Enterprise Server 9
Suse Linux Enterprise 11.0
Suse Linux Enterprise 10.0
Opensuse Opensuse
Debian Debian Linux 5.0
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
9.3
CVSSv2
CVE-2009-1698
WebKit in Apple Safari prior to 4.0, iPhone OS 1.0 up to and including 2.2.1, and iPhone OS for iPod touch 1.1 up to and including 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allow...
Apple Safari 3.0.4b
Apple Safari 2.0.3
Apple Safari 3.0.4
Apple Safari 3.0.1
Apple Safari 2.0.1
Apple Safari 2.0.2
Apple Safari 3.0.0
Apple Safari 3.1.0b
Apple Safari 3.1.0
Apple Safari 3.0.1b
Apple Safari 3.1.2
Apple Safari 3.1.1
Apple Safari 3.0.2b
Apple Safari 3.0.2
Apple Safari 2.0.4
Apple Safari 2.0
Apple Safari
Apple Safari 3.0.0b
Apple Safari 3.2.0
Apple Safari 3.0.3b
Apple Safari 3.0.3
Apple Safari 2.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991
CVE-2024-32674
path traversal
CVE-2023-21987
denial of service
dos
CVE-2024-4647
CVE-2024-25519
CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »