Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kde kdelibs 3.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-1165
Konqueror 3.3.1 allows remote malicious users to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT co...
Kde Konqueror 3.3.1
Kde Kdelibs 3.1.5
Kde Kdelibs 3.1.3
Kde Kdelibs 3.2.2
Kde Kdelibs 3.2.1
Kde Kdelibs 3.1
Kde Kdelibs 3.1.2
Kde Kdelibs 3.1.4
Kde Kdelibs 3.1.1
Kde Kdelibs 3.2
1 EDB exploit
NA
CVE-2003-0459
KDE Konqueror for KDE 3.1.2 and previous versions does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.
Redhat Kdelibs 3.0.0-10
Kde Konqueror 3.1.2
Redhat Kdelibs 2.2-11
Kde Konqueror 3.0.2
Redhat Kdelibs Devel 2.2-11
Redhat Kdelibs Sound Devel 2.2-11
Redhat Analog Real-time Synthesizer 2.2-11
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Redhat Kdelibs Devel 3.1-10
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Redhat Kdelibs Sound 2.2-11
Redhat Kdebase 3.0.3-13
Kde Konqueror 3.1.1
Redhat Kdelibs Devel 3.0.0-10
Redhat Kdelibs 3.1-10
Redhat Kdelibs Devel 2.1.1-5
Redhat Kdelibs Sound 2.1.1-5
Redhat Kdelibs 2.1.1-5
Redhat Kdelibs Sound Devel 2.1.1-5
7.5
CVSSv3
CVE-2005-1920
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x up to and including 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote malicious users to obtain sensitive information.
Kde Kde
Debian Debian Linux 3.1
NA
CVE-2003-0204
KDE 2 and KDE 3.1.1 and previous versions 3.x versions allows malicious users to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer.
Kde Kde 2.2.1
Kde Kde 2.1.2
Kde Kde 2.0
Kde Kde 3.0.2
Kde Kde 3.0.5
Kde Kde 2.2
Kde Kde 2.0.1
Kde Kde 2.1
Kde Kde 3.0.1
Kde Kde 3.0.5a
Kde Kde 3.0.4
Kde Kde 3.0
Kde Kde 2.1.1
Kde Kde 2.2.2
Kde Kde 3.1
Kde Kde 3.0.3
Kde Kde 3.1.1
Kde Kde 3.0.3a
NA
CVE-2004-1158
Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote malicious users to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a ...
Kde Konqueror 3.2.2.6
Kde Konqueror 3.1.2
Kde Konqueror 3.0.2
Kde Konqueror 3.3
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Kde Konqueror 3.3.1
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.1.1
Kde Konqueror 2.1.2
Kde Konqueror 3.2.3
Kde Konqueror 3.0.5b
Kde Konqueror 2.2.1
Kde Konqueror 3.1.3
Kde Konqueror 3.3.2
Kde Konqueror 3.1.4
Kde Konqueror 3.2.1
Kde Konqueror 3.1.5
Kde Konqueror 2.1.1
Kde Konqueror 3.0.5
NA
CVE-2004-0746
Konqueror in KDE 3.2.3 and previous versions allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote malicious users to perform a session fixation attack and hijack a user's HTTP session.
Kde Konqueror 3.1.2
Kde Konqueror 3.0.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.1.1
Kde Konqueror 3.2.3
Kde Konqueror 3.0.5b
Kde Konqueror 3.1.3
Kde Konqueror 3.2.1
Kde Konqueror 3.1.5
Kde Konqueror 3.0.5
Suse Suse Linux 9.0
Suse Suse Linux 8.2
Suse Suse Linux 8
Mandrakesoft Mandrake Linux 9.2
Suse Suse Linux 9.1
Kde Kde 3.1.3
Gentoo Linux 1.4
Mandrakesoft Mandrake Linux 10.0
Kde Kde 3.2
NA
CVE-2006-3672
KDE Konqueror 3.5.1 and previous versions allows remote malicious users to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demonstrated by calling document.replaceChild with a 0 (zero) argumen...
Kde Konqueror 3.2.2.6
Kde Konqueror 3.1.2
Kde Konqueror 3.0.2
Kde Konqueror 3.3
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Kde Konqueror 3.3.1
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.1.1
Kde Konqueror 2.1.2
Kde Konqueror
Kde Konqueror 3.2.3
Kde Konqueror 3.0.5b
Kde Konqueror 2.2.1
Kde Konqueror 3.1.3
Kde Konqueror 3.3.2
Kde Konqueror 3.1.4
Kde Konqueror 3.2.1
Kde Konqueror 3.1.5
Kde Konqueror 3.2.2
1 EDB exploit
NA
CVE-2003-0592
Konqueror in KDE 3.1.3 and previous versions (kdelibs) allows remote malicious users to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outsi...
Kde Konqueror 3.1.2
Kde Konqueror 3.0.2
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.1.1
Kde Konqueror Embedded 0.1
Kde Konqueror 2.1.1
Kde Konqueror 3.0.5
NA
CVE-2002-1393
Multiple vulnerabilities in KDE 2 and KDE 3.x up to and including 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote malicious users to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses.
Kde Kde 2.2.1
Kde Kde 2.1.2
Kde Kde 2.0
Kde Kde 3.0.2
Kde Kde 3.0.5
Kde Kde 2.2
Kde Kde 2.0.1
Kde Kde 2.1
Kde Kde 3.0.1
Kde Kde 3.0.4
Kde Kde 3.0
Kde Kde 2.1.1
Kde Kde 2.2.2
Kde Kde 3.0.3
Kde Kde 3.0.3a
NA
CVE-2009-1687
The JavaScript garbage collector in WebKit in Apple Safari prior to 4.0, iPhone OS 1.0 up to and including 2.2.1, and iPhone OS for iPod touch 1.1 up to and including 2.2.1 does not properly handle allocation failures, which allows remote malicious users to execute arbitrary code...
Apple Safari 1.1
Apple Safari 1.3.1
Apple Safari 3.2.3
Apple Safari 2.0.2
Apple Safari 3.1
Apple Safari 3.1.2
Apple Safari 3.0
Apple Safari 0.8
Apple Safari 2.0
Apple Safari 3.0.4
Apple Safari 0.9
Apple Safari 3.0.3
Apple Safari 1.3.2
Apple Safari 1.2
Apple Safari
Apple Safari 3.2.1
Apple Safari 3.0.2
Apple Safari 2.0.4
Apple Safari 3.1.1
Apple Safari 1.0.3
Apple Safari 1.0
Apple Safari 1.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »