Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kde konqueror vulnerabilities and exploits
(subscribe to this query)
2.6
CVSSv2
CVE-2007-0537
The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote malicious users to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title t...
Kde Konqueror 3.5.5
5
CVSSv2
CVE-2007-2164
Konqueror 3.5.5 release 45.4 allows remote malicious users to cause a denial of service (browser crash or abort) via JavaScript that matches a regular expression against a long string, as demonstrated using /(.)*/.
Kde Konqueror 3.5.5
2.6
CVSSv2
CVE-2007-3820
konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote malicious users to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed.
Kde Konqueror 3.5.7
4.3
CVSSv2
CVE-2007-1308
ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote malicious users to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference.
Kde Konqueror 3.5.5
1 EDB exploit
6.8
CVSSv2
CVE-2007-1564
The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.
Kde Konqueror 3.5.5
1 EDB exploit
6.8
CVSSv2
CVE-2007-4225
Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote malicious users to spoof the URL address bar via an http URI with a large amount of whitespace in the user/password portion.
Kde Konqueror 3.5.7
7.8
CVSSv2
CVE-2007-1565
Konqueror 3.5.5 allows remote malicious users to cause a denial of service (crash) by using JavaScript to read a child iframe having an ftp:// URI.
Kde Konqueror 3.5.5
5
CVSSv2
CVE-2008-4382
Konqueror in KDE 3.5.9 allows remote malicious users to cause a denial of service (application crash) via Javascript that calls the alert function with a URL-encoded string of a large number of invalid characters.
Kde Konqueror 3.5.9
6.4
CVSSv2
CVE-2007-3143
Visual truncation vulnerability in Konqueror 3.5.5 allows remote malicious users to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Auth...
Kde Konqueror 3.5.5
5
CVSSv2
CVE-2008-5712
The HTML parser in KDE Konqueror 3.5.9 allows remote malicious users to cause a denial of service (application crash) via (1) a long COLOR attribute in an HR element; or a long (a) BGCOLOR or (b) BORDERCOLOR attribute in a (2) TABLE, (3) TD, or (4) TR element. NOTE: the FONT vect...
Kde Konqueror 3.5.9
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »