Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kde vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-1433
A vulnerability, which was classified as problematic, was found in KDE Plasma Workspace up to 5.93.0. This affects the function EventPluginsManager::enabledPlugins of the file components/calendar/eventpluginsmanager.cpp of the component Theme File Handler. The manipulation of the...
NA
CVE-2023-28581
Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE.
Qualcomm Fastconnect 6800 Firmware -
Qualcomm Fastconnect 6900 Firmware -
Qualcomm Fastconnect 7800 Firmware -
Qualcomm Qca6391 Firmware -
Qualcomm Qca6426 Firmware -
Qualcomm Qca6436 Firmware -
Qualcomm Sd 8 Gen1 5g Firmware -
Qualcomm Sd865 5g Firmware -
Qualcomm Snapdragon 8 Gen 1 Firmware -
Qualcomm Snapdragon 865 5g Firmware -
Qualcomm Snapdragon 865\\+ 5g Firmware -
Qualcomm Snapdragon 870 5g Firmware -
Qualcomm Snapdragon Ar2 Gen 1 Firmware -
Qualcomm Snapdragon Xr2 5g Firmware -
Qualcomm Ssg2115p Firmware -
Qualcomm Ssg2125p Firmware -
Qualcomm Sxr1230p Firmware -
Qualcomm Sxr2230p Firmware -
Qualcomm Wcd9380 Firmware -
Qualcomm Wcd9385 Firmware -
Qualcomm Wcn6740 Firmware -
Qualcomm Wsa8810 Firmware -
4.6
CVSSv2
CVE-2022-24986
KDE KCron up to and including 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename during an editing session. Thus, someone watching it be created the first time could potentially intercept the file the following time, enabling that person to run unauthorize...
Kde Kcron
6.8
CVSSv2
CVE-2022-23853
The LSP (Language Server Protocol) plugin in KDE Kate prior to 21.12.2 and KTextEditor prior to 5.91.0 tries to execute the associated LSP server binary when opening a file of a given type. If this binary is absent from the PATH, it will try running the LSP server binary in the d...
Kde Ktexteditor
Kde Kate
3.5
CVSSv2
CVE-2021-38373
In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messages are sent) unless "Server requires authentication" is checked.
Kde Kmail 19.12.3
4.3
CVSSv2
CVE-2021-38372
In KDE Trojita 0.7, man-in-the-middle attackers can create new folders because untagged responses from an IMAP server are accepted before STARTTLS.
Kde Trojita 0.7
4.3
CVSSv2
CVE-2021-36083
KDE KImageFormats 5.70.0 up to and including 5.81.0 has a stack-based buffer overflow in XCFImageFormat::loadTileRLE.
Kde Kimageformats
4
CVSSv2
CVE-2021-31855
KDE Messagelib up to and including 5.17.0 reveals cleartext of encrypted messages in some situations. Deleting an attachment of a decrypted encrypted message stored on a remote server (e.g., an IMAP server) causes KMail to upload the decrypted content of the message to the remote...
Kde Messagelib
5
CVSSv2
CVE-2021-28117
libdiscover/backends/KNSBackend/KNSResource.cpp in KDE Discover prior to 5.21.3 automatically creates links to potentially dangerous URLs (that are neither https:// nor http://) based on the content of the store.kde.org web site. (5.18.7 is also a fixed version.)
Kde Discover
7.2
CVSSv2
CVE-2020-27187
An issue exists in KDE Partition Manager 4.1.0 prior to 4.2.0. The kpmcore_externalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning r...
Kde Partition Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29758
CVE-2023-42931
unauthorized
CVE-2024-1540
unprivileged
CVE-2023-24955
CVE-2024-20259
logic flaw
CVE-2024-20333
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »