kde kdelibs vulnerabilities and exploits
8.8
CVSSv3
CVE-2012-4512
The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote malicious users to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."
Kde Kde 4.7.3
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Eus 6.3
1 EDB exploit
7.8
CVSSv3
CVE-2019-14744
In KDE Frameworks KConfig prior to 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Ico...
Kde Kconfig
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Backports Sle 15.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
7.5
CVSSv3
CVE-2005-1920
The (1) Kate and (2) Kwrite applications in KDE 3.2.x up to and including 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote malicious users to obtain sensitive information.
Kde Kde
Debian Debian Linux 3.1
7.1
CVSSv3
CVE-2004-0689
KDE prior to 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.
Kde Kde
Debian Debian Linux 3.0
7
CVSSv3
CVE-2015-7543
aRts 1.5.10 and kdelibs3 3.5.10 and previous versions do not properly create temporary directories, which allows local users to hijack the IPC by pre-creating the temporary directory.
Kde Kdelibs
Artsproject Arts 1.5.10
5.5
CVSSv3
CVE-2017-6410
kpac/script.cpp in KDE kio prior to 5.32 and kdelibs prior to 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote malicious users to obtain sensitive infor...
Kde Kdelibs
Kde Kio
NA
CVE-2014-5033
KDE kdelibs prior to 4.14 and kauth prior to 5.1 do not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) p...
Debian Kde4libs -
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Kde Kdelibs 4.13.90
Kde Kdelibs
Kde Kdelibs 4.11.4
Kde Kdelibs 4.10.97
Kde Kdelibs 4.12.3
Kde Kdelibs 4.10.2
Kde Kdelibs 4.12.1
Kde Kdelibs 4.11.90
Kde Kdelibs 4.12.90
Kde Kdelibs 4.12.97
Kde Kdelibs 4.13.3
Kde Kdelibs 4.11.2
Kde Kdelibs 4.13.0
Kde Kdelibs 4.11.5
Kde Kdelibs 4.12.0
Kde Kdelibs 4.10.95
Kde Kdelibs 4.13.95
Kde Kdelibs 4.12.2
Kde Kdelibs 4.11.1
NA
CVE-2014-3494
kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 prior to 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle malicious users to obtain sensitive information via an invalid certificate.
Opensuse Opensuse 13.1
Kde Kdelibs 4.11.4
Kde Kdelibs 4.10.97
Kde Kdelibs 4.12.3
Kde Kdelibs 4.12.1
Kde Kdelibs 4.11.90
Kde Kdelibs 4.12.90
Kde Kdelibs 4.12.97
Kde Kdelibs 4.11.2
Kde Kdelibs 4.13.0
Kde Kdelibs 4.11.5
Kde Kdelibs 4.12.0
Kde Kdelibs 4.12.2
Kde Kdelibs 4.11.1
Kde Kdelibs 4.12.80
Kde Kdelibs 4.11.95
Kde Kdelibs 4.11.80
Kde Kdelibs 4.11.3
Kde Kdelibs 4.12.5
Kde Kdelibs 4.11.97
Kde Kdelibs 4.11.0
Kde Kdelibs 4.13.1
NA
CVE-2013-2074
kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and previous versions allows malicious users to discover credentials via a crafted request that triggers an "internal server error," which includes the username and password in an error message.
Kde Kdelibs 4.10.2
Kde Kdelibs 4.10.1
Kde Kdelibs
Kde Kdelibs 4.10.0
NA
CVE-2012-4513
khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote malicious users to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.
Kde Kde 4.7.3
1 EDB exploit