Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
konqueror vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1151
The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 up to and including 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote malicious users to execute script and steal cookies from subframes that are in other dom...
Kde Konqueror 3.0.2
Kde Konqueror 2.2.2
Kde Konqueror 3.0
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Kde Kde 3.0.2
Kde Kde 3.0.1
Kde Kde 3.0
Kde Kde 2.2.2
Kde Kde 3.0.3
NA
CVE-2007-6591
KDE Konqueror 3.5.5 and 3.95.00, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as also accepted for all domain names in subjectAltName:dNSName fields, even though these fields cannot be examined in the pr...
Kde Konqueror 3.95.00
Kde Konqueror 3.5.5
NA
CVE-2004-0721
Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
Kde Konqueror 3.1.3
Kde Konqueror 3.2.2
NA
CVE-2002-0970
The SSL capability for Konqueror in KDE 3.0.2 and previous versions does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote malicious users to spoof the certificates of trusted sites via a man-in-the-middle attack.
Kde Konqueror 3.0.2
Kde Konqueror 2.2.2
Kde Konqueror 3.0
Kde Konqueror 3.0.1
Kde Kde 3.0.2
Kde Kde 3.0.1
Kde Kde 3.0
Kde Kde 2.2.2
NA
CVE-2003-0459
KDE Konqueror for KDE 3.1.2 and previous versions does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.
Redhat Kdelibs 3.0.0-10
Kde Konqueror 3.1.2
Redhat Kdelibs 2.2-11
Kde Konqueror 3.0.2
Redhat Kdelibs Devel 2.2-11
Redhat Kdelibs Sound Devel 2.2-11
Redhat Analog Real-time Synthesizer 2.2-11
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.0
Redhat Kdelibs Devel 3.1-10
Kde Konqueror 3.0.1
Kde Konqueror 3.0.3
Redhat Kdelibs Sound 2.2-11
Redhat Kdebase 3.0.3-13
Kde Konqueror 3.1.1
Redhat Kdelibs Devel 3.0.0-10
Redhat Kdelibs 3.1-10
Redhat Kdelibs Devel 2.1.1-5
Redhat Kdelibs Sound 2.1.1-5
Redhat Kdelibs 2.1.1-5
Redhat Kdelibs Sound Devel 2.1.1-5
NA
CVE-2007-4229
Unspecified vulnerability in KDE Konqueror 3.5.7 and previous versions allows remote malicious users to cause a denial of service (failed assertion and application crash) via certain malformed HTML, as demonstrated by a document containing TEXTAREA, BUTTON, BR, BDO, PRE, FRAMESET...
Kde Konqueror
1 EDB exploit
NA
CVE-2009-2537
KDE Konqueror allows remote malicious users to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
Kde Konqueror
NA
CVE-2004-0411
The URI handlers in Konqueror for KDE 3.2.2 and previous versions do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote malicious users to manipulate the options that are passed to the as...
Kde Konqueror
NA
CVE-2008-5698
HTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 allows remote malicious users to cause a denial of service (application crash) via an invalid document.load call that triggers use of a deleted object. NOTE: some of these details are obtained from third party info...
Kde Konqueror
1 EDB exploit
NA
CVE-2007-6000
KDE Konqueror 3.5.6 and previous versions allows remote malicious users to cause a denial of service (crash) via large HTTP cookie parameters.
Kde Konqueror
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »