Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kde kdelibs vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2005-1920
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x up to and including 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote malicious users to obtain sensitive information.
Kde Kde
Debian Debian Linux 3.1
7.5
CVSSv2
CVE-2004-0746
Konqueror in KDE 3.2.3 and previous versions allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote malicious users to perform a session fixation attack and hijack a user's HTTP session.
Kde Konqueror 3.0.3
Kde Konqueror 3.0.5
Kde Konqueror 3.0.5b
Kde Konqueror 3.2.3
Kde Konqueror 3.1
Kde Konqueror 3.1.1
Kde Konqueror 3.0
Kde Konqueror 3.1.2
Kde Konqueror 3.1.3
Kde Konqueror 3.0.1
Kde Konqueror 3.0.2
Kde Konqueror 3.1.5
Kde Konqueror 3.2.1
Mandrakesoft Mandrake Linux 9.2
Suse Suse Linux 8.1
Gentoo Linux 1.4
Kde Kde 3.1.3
Suse Suse Linux 8.2
Suse Suse Linux 8
Kde Kde 3.2
Mandrakesoft Mandrake Linux 10.0
Suse Suse Linux 9.0
2.1
CVSSv2
CVE-2005-0396
Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in KDE prior to 3.4 allows local users to cause a denial of service (dcopserver consumption) by "stalling the DCOP authentication process."
Kde Dcopserver
Kde Desktop Communication Protocol Daemon
2.6
CVSSv2
CVE-2006-3672
KDE Konqueror 3.5.1 and previous versions allows remote malicious users to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demonstrated by calling document.replaceChild with a 0 (zero) argumen...
Kde Konqueror 3.0.2
Kde Konqueror 3.0.3
Kde Konqueror 3.1.5
Kde Konqueror 3.2.1
Kde Konqueror
Kde Konqueror 2.1.1
Kde Konqueror 2.1.2
Kde Konqueror 3.0.5
Kde Konqueror 3.0.5b
Kde Konqueror 3.2.2
Kde Konqueror 3.2.2.6
Kde Konqueror 3.0
Kde Konqueror 3.0.1
Kde Konqueror 3.1.3
Kde Konqueror 3.1.4
Kde Konqueror 3.3.1
Kde Konqueror 3.3.2
Kde Konqueror 2.2.1
Kde Konqueror 2.2.2
Kde Konqueror 3.1
Kde Konqueror 3.1.1
Kde Konqueror 3.1.2
1 EDB exploit
6.4
CVSSv2
CVE-2012-4513
khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote malicious users to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.
Kde Kde 4.7.3
1 EDB exploit
7.5
CVSSv2
CVE-2002-0970
The SSL capability for Konqueror in KDE 3.0.2 and previous versions does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote malicious users to spoof the certificates of trusted sites via a man-in-the-middle attack.
Kde Konqueror 2.2.2
Kde Konqueror 3.0
Kde Konqueror 3.0.1
Kde Konqueror 3.0.2
Kde Kde 3.0.1
Kde Kde 3.0.2
Kde Kde 2.2.2
Kde Kde 3.0
4.6
CVSSv2
CVE-2004-0689
KDE prior to 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.
Kde Kde
Debian Debian Linux 3.0
7.5
CVSSv2
CVE-2004-0721
Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
Kde Konqueror 3.1.3
Kde Konqueror 3.2.2
7.5
CVSSv2
CVE-2002-1393
Multiple vulnerabilities in KDE 2 and KDE 3.x up to and including 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote malicious users to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses.
Kde Kde 2.1
Kde Kde 2.1.1
Kde Kde 2.1.2
Kde Kde 3.0.3
Kde Kde 3.0.3a
Kde Kde 2.2
Kde Kde 2.2.1
Kde Kde 3.0.4
Kde Kde 3.0.5
Kde Kde 2.2.2
Kde Kde 3.0
Kde Kde 2.0
Kde Kde 2.0.1
Kde Kde 3.0.1
Kde Kde 3.0.2
7.5
CVSSv2
CVE-2004-0411
The URI handlers in Konqueror for KDE 3.2.2 and previous versions do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote malicious users to manipulate the options that are passed to the as...
Kde Konqueror
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »