Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kde kdelibs vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2012-4512
The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote malicious users to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."
Kde Kde 4.7.3
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Eus 6.3
1 EDB exploit
7.8
CVSSv3
CVE-2019-14744
In KDE Frameworks KConfig prior to 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Ico...
Kde Kconfig
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Backports Sle 15.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
7.5
CVSSv3
CVE-2005-1920
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x up to and including 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote malicious users to obtain sensitive information.
Kde Kde
Debian Debian Linux 3.1
7.1
CVSSv3
CVE-2004-0689
KDE prior to 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.
Kde Kde
Debian Debian Linux 3.0
7
CVSSv3
CVE-2015-7543
aRts 1.5.10 and kdelibs3 3.5.10 and previous versions do not properly create temporary directories, which allows local users to hijack the IPC by pre-creating the temporary directory.
Artsproject Arts 1.5.10
Kde Kdelibs
5.5
CVSSv3
CVE-2017-6410
kpac/script.cpp in KDE kio prior to 5.32 and kdelibs prior to 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote malicious users to obtain sensitive infor...
Kde Kdelibs
Kde Kio
NA
CVE-2014-5033
KDE kdelibs prior to 4.14 and kauth prior to 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) p...
Canonical Ubuntu Linux 14.04
Debian Kde4libs -
Canonical Ubuntu Linux 12.04
Kde Kdelibs 4.12.95
Kde Kdelibs 4.12.90
Kde Kdelibs 4.11.97
Kde Kdelibs 4.11.95
Kde Kdelibs 4.11.1
Kde Kdelibs 4.11.0
Kde Kdelibs
Kde Kdelibs 4.13.95
Kde Kauth
Kde Kdelibs 4.13.3
Kde Kdelibs 4.12.80
Kde Kdelibs 4.12.5
Kde Kdelibs 4.11.90
Kde Kdelibs 4.11.80
Kde Kdelibs 4.10.97
Kde Kdelibs 4.10.95
Kde Kdelibs 4.13.90
Kde Kdelibs 4.13.80
Kde Kdelibs 4.13.0
NA
CVE-2014-3494
kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 prior to 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle malicious users to obtain sensitive information via an invalid certificate.
Opensuse Opensuse 13.1
Kde Kdelibs 4.11.5
Kde Kdelibs 4.11.90
Kde Kdelibs 4.12.4
Kde Kdelibs 4.11.95
Kde Kdelibs 4.11.97
Kde Kdelibs 4.12.0
Kde Kdelibs 4.12.1
Kde Kdelibs 4.12.2
Kde Kdelibs 4.11.0
Kde Kdelibs 4.11.1
Kde Kdelibs 4.11.2
Kde Kdelibs 4.11.3
Kde Kdelibs 4.12.90
Kde Kdelibs 4.12.95
Kde Kdelibs 4.12.97
Kde Kdelibs 4.13.0
Kde Kdelibs 4.12.80
Kde Kdelibs 4.13.1
Kde Kdelibs 4.10.97
Kde Kdelibs 4.11.4
Kde Kdelibs 4.11.80
NA
CVE-2013-2074
kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and previous versions allows malicious users to discover credentials via a crafted request that triggers an "internal server error," which includes the username and password in an error message.
Kde Kdelibs
Kde Kdelibs 4.10.1
Kde Kdelibs 4.10.2
Kde Kdelibs 4.10.0
NA
CVE-2012-4513
khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote malicious users to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.
Kde Kde 4.7.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »