Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kde kde applications vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-7252
kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ECB mode instead of CBC mode when encrypting the password store, which makes it easier for malicious users to guess passwords via a codebook attack.
Kde Kde Applications
5
CVSSv2
CVE-2018-19516
messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications prior to 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value.
Kde Kde Applications
5
CVSSv2
CVE-2018-19120
The HTML thumbnailer plugin in KDE Applications prior to 18.12.0 allows malicious users to trigger outbound TCP connections to arbitrary IP addresses, leading to disclosure of the source IP address.
Kde Kde Applications
5
CVSSv2
CVE-2017-9604
KDE kmail prior to 5.5.2 and messagelib prior to 5.5.2, as distributed in KDE Applications prior to 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote malicious users to obtain sensitive information by ...
Kde Messagelib
Kde Kmail
7.2
CVSSv2
CVE-2018-10361
An issue exists in KTextEditor 5.34.0 up to and including 5.45.0. Insecure handling of temporary files in the KTextEditor's kauth_ktexteditor_helper service (as utilized in the Kate text editor) can allow other unprivileged users on the local system to gain root privileges. ...
Kde Ktexteditor
7.2
CVSSv2
CVE-2000-0530
The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files.
Caldera Openlinux 2.4
Kde Kde 1.1.2
3 EDB exploits
5
CVSSv2
CVE-2005-1920
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x up to and including 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote malicious users to obtain sensitive information.
Kde Kde
Debian Debian Linux 3.1
4.6
CVSSv2
CVE-2004-0689
KDE prior to 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.
Kde Kde
Debian Debian Linux 3.0
5
CVSSv2
CVE-2021-28117
libdiscover/backends/KNSBackend/KNSResource.cpp in KDE Discover prior to 5.21.3 automatically creates links to potentially dangerous URLs (that are neither https:// nor http://) based on the content of the store.kde.org web site. (5.18.7 is also a fixed version.)
Kde Discover
6.8
CVSSv2
CVE-2017-5330
ark prior to 16.12.1 might allow remote malicious users to execute arbitrary code via an executable in an archive, related to associated applications.
Fedoraproject Fedora 25
Kde Ark
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »