Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kde kde 3.1 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2005-1920
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x up to and including 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote malicious users to obtain sensitive information.
Kde Kde
Debian Debian Linux 3.1
NA
CVE-2004-0870
KDE Konqueror does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote malicious users to steal cookies and conduct unauthorized activities, aka "Cross Security ...
Kde Konqueror 3.1.2
Kde Konqueror 3.0.2
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.1.1
Kde Konqueror 2.1.2
Kde Konqueror 3.2.3
Kde Konqueror 3.0.5b
Kde Konqueror 2.2.1
Kde Konqueror 3.1.3
Kde Konqueror 3.1.4
Kde Konqueror 3.2.1
Kde Konqueror 3.1.5
Kde Konqueror 2.1.1
Kde Konqueror 3.0.5
NA
CVE-2006-3672
KDE Konqueror 3.5.1 and previous versions allows remote malicious users to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demonstrated by calling document.replaceChild with a 0 (zero) argumen...
Kde Konqueror 3.2.2.6
Kde Konqueror 3.1.2
Kde Konqueror 3.0.2
Kde Konqueror 3.3
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Kde Konqueror 3.3.1
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.1.1
Kde Konqueror 2.1.2
Kde Konqueror
Kde Konqueror 3.2.3
Kde Konqueror 3.0.5b
Kde Konqueror 2.2.1
Kde Konqueror 3.1.3
Kde Konqueror 3.3.2
Kde Konqueror 3.1.4
Kde Konqueror 3.2.1
Kde Konqueror 3.1.5
Kde Konqueror 3.2.2
1 EDB exploit
NA
CVE-2005-4684
Konqueror can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote malicious users to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, ...
Kde Konqueror 3.2.2.6
Kde Konqueror 3.1.2
Kde Konqueror 3.0.2
Kde Konqueror 3.3
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Kde Konqueror 3.3.1
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.1.1
Kde Konqueror 2.1.2
Kde Konqueror 3.2.3
Kde Konqueror 3.0.5b
Kde Konqueror 2.2.1
Kde Konqueror 3.1.3
Kde Konqueror 0.1
Kde Konqueror 3.3.2
Kde Konqueror 3.1.4
Kde Konqueror 3.2.1
Kde Konqueror 3.1.5
Kde Konqueror 2.1.1
NA
CVE-2004-1158
Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote malicious users to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a ...
Kde Konqueror 3.2.2.6
Kde Konqueror 3.1.2
Kde Konqueror 3.0.2
Kde Konqueror 3.3
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Kde Konqueror 3.3.1
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.1.1
Kde Konqueror 2.1.2
Kde Konqueror 3.2.3
Kde Konqueror 3.0.5b
Kde Konqueror 2.2.1
Kde Konqueror 3.1.3
Kde Konqueror 3.3.2
Kde Konqueror 3.1.4
Kde Konqueror 3.2.1
Kde Konqueror 3.1.5
Kde Konqueror 2.1.1
Kde Konqueror 3.0.5
NA
CVE-2002-1393
Multiple vulnerabilities in KDE 2 and KDE 3.x up to and including 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote malicious users to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses.
Kde Kde 2.2.1
Kde Kde 2.1.2
Kde Kde 2.0
Kde Kde 3.0.2
Kde Kde 3.0.5
Kde Kde 2.2
Kde Kde 2.0.1
Kde Kde 2.1
Kde Kde 3.0.1
Kde Kde 3.0.4
Kde Kde 3.0
Kde Kde 2.1.1
Kde Kde 2.2.2
Kde Kde 3.0.3
Kde Kde 3.0.3a
NA
CVE-2004-0746
Konqueror in KDE 3.2.3 and previous versions allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote malicious users to perform a session fixation attack and hijack a user's HTTP session.
Kde Konqueror 3.1.2
Kde Konqueror 3.0.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.1.1
Kde Konqueror 3.2.3
Kde Konqueror 3.0.5b
Kde Konqueror 3.1.3
Kde Konqueror 3.2.1
Kde Konqueror 3.1.5
Kde Konqueror 3.0.5
Suse Suse Linux 9.0
Suse Suse Linux 8.2
Suse Suse Linux 8
Mandrakesoft Mandrake Linux 9.2
Suse Suse Linux 9.1
Kde Kde 3.1.3
Gentoo Linux 1.4
Mandrakesoft Mandrake Linux 10.0
Kde Kde 3.2
NA
CVE-2004-0866
Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote malicious users to perform a session fixation attack and hijack a user's HTTP session.
Kde Konqueror 3.1.2
Kde Konqueror 3.0.2
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Microsoft Ie 6.0
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.1.1
Kde Konqueror 2.1.2
Kde Konqueror 3.2.3
Kde Konqueror 3.0.5b
Kde Konqueror 2.2.1
Kde Konqueror 3.1.3
Kde Konqueror 3.1.4
Kde Konqueror 3.2.1
Mozilla Firefox 0.9.2
Kde Konqueror 3.1.5
Kde Konqueror 2.1.1
Kde Konqueror 3.0.5
Microsoft Internet Explorer 6.0
Suse Suse Linux 9.0
NA
CVE-2004-0867
Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote malicious users to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported th...
Kde Konqueror 3.1.2
Kde Konqueror 3.0.2
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Microsoft Ie 6.0
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.1.1
Kde Konqueror 2.1.2
Kde Konqueror 3.2.3
Kde Konqueror 3.0.5b
Kde Konqueror 2.2.1
Kde Konqueror 3.1.3
Kde Konqueror 3.1.4
Kde Konqueror 3.2.1
Mozilla Firefox 0.9.2
Kde Konqueror 3.1.5
Kde Konqueror 2.1.1
Kde Konqueror 3.0.5
Microsoft Internet Explorer 6.0
Suse Suse Linux 9.0
NA
CVE-2003-0459
KDE Konqueror for KDE 3.1.2 and previous versions does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.
Redhat Kdelibs 3.0.0-10
Kde Konqueror 3.1.2
Redhat Kdelibs 2.2-11
Kde Konqueror 3.0.2
Redhat Kdelibs Devel 2.2-11
Redhat Kdelibs Sound Devel 2.2-11
Redhat Analog Real-time Synthesizer 2.2-11
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Redhat Kdelibs Devel 3.1-10
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Redhat Kdelibs Sound 2.2-11
Redhat Kdebase 3.0.3-13
Kde Konqueror 3.1.1
Redhat Kdelibs Devel 3.0.0-10
Redhat Kdelibs 3.1-10
Redhat Kdelibs Devel 2.1.1-5
Redhat Kdelibs Sound 2.1.1-5
Redhat Kdelibs 2.1.1-5
Redhat Kdelibs Sound Devel 2.1.1-5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »