Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
konqueror vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2007-6591
KDE Konqueror 3.5.5 and 3.95.00, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as also accepted for all domain names in subjectAltName:dNSName fields, even though these fields cannot be examined in the pr...
Kde Konqueror 3.5.5
Kde Konqueror 3.95.00
7.5
CVSSv2
CVE-2004-0721
Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
Kde Konqueror 3.1.3
Kde Konqueror 3.2.2
7.5
CVSSv2
CVE-2002-1151
The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 up to and including 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote malicious users to execute script and steal cookies from subframes that are in other dom...
Kde Konqueror 2.2.2
Kde Konqueror 3.0
Kde Konqueror 3.0.3
Kde Konqueror 3.0.1
Kde Konqueror 3.0.2
Kde Kde 2.2.2
Kde Kde 3.0
Kde Kde 3.0.1
Kde Kde 3.0.2
Kde Kde 3.0.3
7.5
CVSSv2
CVE-2002-0970
The SSL capability for Konqueror in KDE 3.0.2 and previous versions does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote malicious users to spoof the certificates of trusted sites via a man-in-the-middle attack.
Kde Konqueror 2.2.2
Kde Konqueror 3.0
Kde Konqueror 3.0.1
Kde Konqueror 3.0.2
Kde Kde 3.0.1
Kde Kde 3.0.2
Kde Kde 2.2.2
Kde Kde 3.0
5
CVSSv2
CVE-2003-0459
KDE Konqueror for KDE 3.1.2 and previous versions does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.
Kde Konqueror 3.0
Kde Konqueror 3.0.1
Kde Konqueror Embedded 0.1
Redhat Analog Real-time Synthesizer 2.1.1-5
Redhat Kdelibs 3.0.0-10
Redhat Kdelibs 3.1-10
Redhat Kdelibs Sound 2.1.1-5
Redhat Kdelibs Sound 2.2-11
Kde Konqueror 3.0.5
Kde Konqueror 3.1
Redhat Kdebase 3.0.3-13
Redhat Kdelibs Devel 2.2-11
Redhat Kdelibs Devel 3.0.0-10
Redhat Kdelibs Sound Devel 2.2-11
Kde Konqueror 3.0.2
Kde Konqueror 3.0.3
Redhat Analog Real-time Synthesizer 2.2-11
Redhat Kdelibs Devel 2.1.1-5
Redhat Kdelibs Sound Devel 2.1.1-5
Kde Konqueror 2.1.1
Kde Konqueror 2.2.2
Kde Konqueror 3.1.1
5
CVSSv2
CVE-2007-6000
KDE Konqueror 3.5.6 and previous versions allows remote malicious users to cause a denial of service (crash) via large HTTP cookie parameters.
Kde Konqueror
1 EDB exploit
7.5
CVSSv2
CVE-2004-0411
The URI handlers in Konqueror for KDE 3.2.2 and previous versions do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote malicious users to manipulate the options that are passed to the as...
Kde Konqueror
4.3
CVSSv2
CVE-2007-4229
Unspecified vulnerability in KDE Konqueror 3.5.7 and previous versions allows remote malicious users to cause a denial of service (failed assertion and application crash) via certain malformed HTML, as demonstrated by a document containing TEXTAREA, BUTTON, BR, BDO, PRE, FRAMESET...
Kde Konqueror
1 EDB exploit
4.3
CVSSv2
CVE-2009-2537
KDE Konqueror allows remote malicious users to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
Kde Konqueror
4.3
CVSSv2
CVE-2008-5698
HTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 allows remote malicious users to cause a denial of service (application crash) via an invalid document.load call that triggers use of a deleted object. NOTE: some of these details are obtained from third party info...
Kde Konqueror
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »