Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kde kde 3.1.1 vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2005-0205
KPPP 2.1.2 in KDE 3.1.5 and previous versions, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolut...
Kde Kde 3.1.5
Kde Kde 3.1.2
Kde Kde 3.1.3
Kde Kde 3.1
Kde Kde 3.1.4
Kde Kde 3.1.1
Bernd Wuebben Kppp 2.1.2
7.5
CVSSv2
CVE-2004-1158
Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote malicious users to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a ...
Kde Konqueror 3.2.2.6
Kde Konqueror 3.1.2
Kde Konqueror 3.0.2
Kde Konqueror 3.3
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Kde Konqueror 3.3.1
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.1.1
Kde Konqueror 2.1.2
Kde Konqueror 3.2.3
Kde Konqueror 3.0.5b
Kde Konqueror 2.2.1
Kde Konqueror 3.1.3
Kde Konqueror 3.3.2
Kde Konqueror 3.1.4
Kde Konqueror 3.2.1
Kde Konqueror 3.1.5
Kde Konqueror 2.1.1
Kde Konqueror 3.0.5
7.5
CVSSv2
CVE-2004-1165
Konqueror 3.3.1 allows remote malicious users to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT co...
Kde Konqueror 3.3.1
Kde Kdelibs 3.1.5
Kde Kdelibs 3.1.3
Kde Kdelibs 3.2.2
Kde Kdelibs 3.2.1
Kde Kdelibs 3.1
Kde Kdelibs 3.1.2
Kde Kdelibs 3.1.4
Kde Kdelibs 3.1.1
Kde Kdelibs 3.2
1 EDB exploit
7.5
CVSSv2
CVE-2004-0867
Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote malicious users to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported th...
Kde Konqueror 3.1.2
Kde Konqueror 3.0.2
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Microsoft Ie 6.0
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.1.1
Kde Konqueror 2.1.2
Kde Konqueror 3.2.3
Kde Konqueror 3.0.5b
Kde Konqueror 2.2.1
Kde Konqueror 3.1.3
Kde Konqueror 3.1.4
Kde Konqueror 3.2.1
Mozilla Firefox 0.9.2
Kde Konqueror 3.1.5
Kde Konqueror 2.1.1
Kde Konqueror 3.0.5
Microsoft Internet Explorer 6.0
Suse Suse Linux 9.0
7.5
CVSSv2
CVE-2004-0746
Konqueror in KDE 3.2.3 and previous versions allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote malicious users to perform a session fixation attack and hijack a user's HTTP session.
Kde Konqueror 3.1.2
Kde Konqueror 3.0.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.1.1
Kde Konqueror 3.2.3
Kde Konqueror 3.0.5b
Kde Konqueror 3.1.3
Kde Konqueror 3.2.1
Kde Konqueror 3.1.5
Kde Konqueror 3.0.5
Suse Suse Linux 9.0
Suse Suse Linux 8.2
Suse Suse Linux 8
Mandrakesoft Mandrake Linux 9.2
Suse Suse Linux 9.1
Kde Kde 3.1.3
Gentoo Linux 1.4
Mandrakesoft Mandrake Linux 10.0
Kde Kde 3.2
5
CVSSv2
CVE-2004-0870
KDE Konqueror does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote malicious users to steal cookies and conduct unauthorized activities, aka "Cross Security ...
Kde Konqueror 3.1.2
Kde Konqueror 3.0.2
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.1.1
Kde Konqueror 2.1.2
Kde Konqueror 3.2.3
Kde Konqueror 3.0.5b
Kde Konqueror 2.2.1
Kde Konqueror 3.1.3
Kde Konqueror 3.1.4
Kde Konqueror 3.2.1
Kde Konqueror 3.1.5
Kde Konqueror 2.1.1
Kde Konqueror 3.0.5
7.5
CVSSv2
CVE-2004-0866
Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote malicious users to perform a session fixation attack and hijack a user's HTTP session.
Kde Konqueror 3.1.2
Kde Konqueror 3.0.2
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Microsoft Ie 6.0
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.1.1
Kde Konqueror 2.1.2
Kde Konqueror 3.2.3
Kde Konqueror 3.0.5b
Kde Konqueror 2.2.1
Kde Konqueror 3.1.3
Kde Konqueror 3.1.4
Kde Konqueror 3.2.1
Mozilla Firefox 0.9.2
Kde Konqueror 3.1.5
Kde Konqueror 2.1.1
Kde Konqueror 3.0.5
Microsoft Internet Explorer 6.0
Suse Suse Linux 9.0
5
CVSSv2
CVE-2004-0527
KDE Konqueror 2.1.1 and 2.2.2 allows remote malicious users to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a ...
Kde Konqueror 3.1.2
Kde Konqueror 3.0.2
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.1.1
Kde Konqueror 3.1.3
Kde Konqueror 3.2.1
Kde Konqueror 2.1.1
Kde Konqueror 3.0.5
1 EDB exploit
7.5
CVSSv2
CVE-2003-0592
Konqueror in KDE 3.1.3 and previous versions (kdelibs) allows remote malicious users to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outsi...
Kde Konqueror 3.1.2
Kde Konqueror 3.0.2
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.1.1
Kde Konqueror Embedded 0.1
Kde Konqueror 2.1.1
Kde Konqueror 3.0.5
7.5
CVSSv2
CVE-2003-0988
Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 up to and including 3.1.4 allows malicious users to execute arbitrary code via a VCF file.
Kde Kde 3.1.0
Kde Kde 3.1.2
Kde Kde 3.1.3
Kde Kde 3.1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »