Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kde kdelibs vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-1046
Buffer overflow in the kimgio library for KDE 3.4.0 allows remote malicious users to execute arbitrary code via a crafted PCX image file.
Kde Kde 3.4.0
2.1
CVSSv2
CVE-2005-0396
Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in KDE prior to 3.4 allows local users to cause a denial of service (dcopserver consumption) by "stalling the DCOP authentication process."
Kde Dcopserver
Kde Desktop Communication Protocol Daemon
5
CVSSv2
CVE-2005-0237
The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE 3.2.1 allows remote malicious users to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, whi...
Kde Konqueror 3.2.1
Kde Kde 3.2.1
7.5
CVSSv2
CVE-2004-1158
Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote malicious users to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a ...
Kde Konqueror 2.2.1
Kde Konqueror 2.2.2
Kde Konqueror 3.0
Kde Konqueror 3.1.1
Kde Konqueror 3.1.2
Kde Konqueror 3.3
Kde Konqueror 3.3.1
Kde Konqueror 2.1.1
Kde Konqueror 2.1.2
Kde Konqueror 3.0.5b
Kde Konqueror 3.1
Kde Konqueror 3.2.2.6
Kde Konqueror 3.2.3
Kde Konqueror 3.0.3
Kde Konqueror 3.0.5
Kde Konqueror 3.1.5
Kde Konqueror 3.2.1
Kde Konqueror 3.0.1
Kde Konqueror 3.0.2
Kde Konqueror 3.1.3
Kde Konqueror 3.1.4
Kde Konqueror 3.3.2
7.5
CVSSv2
CVE-2004-1165
Konqueror 3.3.1 allows remote malicious users to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT co...
Kde Kdelibs 3.1.4
Kde Kdelibs 3.1.5
Kde Kdelibs 3.2
Kde Kdelibs 3.2.1
Kde Kdelibs 3.1
Kde Kdelibs 3.2.2
Kde Konqueror 3.3.1
Kde Kdelibs 3.1.1
Kde Kdelibs 3.1.2
Kde Kdelibs 3.1.3
1 EDB exploit
5
CVSSv2
CVE-2004-1145
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and previous versions (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote malicious users to bypass sandbox restrict...
Ethereal Group Ethereal 0.10.1
Ethereal Group Ethereal 0.10.2
Ethereal Group Ethereal 0.9.1
Ethereal Group Ethereal 0.9.10
Ethereal Group Ethereal 0.9.3
Ethereal Group Ethereal 0.9.4
Conectiva Linux 10.0
Conectiva Linux 9.0
Ethereal Group Ethereal 0.10
Ethereal Group Ethereal 0.10.7
Ethereal Group Ethereal 0.9
Ethereal Group Ethereal 0.9.16
Ethereal Group Ethereal 0.9.2
Ethereal Group Ethereal 0.9.9
Sgi Propack 3.0
Ethereal Group Ethereal 0.10.3
Ethereal Group Ethereal 0.10.4
Ethereal Group Ethereal 0.9.11
Ethereal Group Ethereal 0.9.12
Ethereal Group Ethereal 0.9.13
Ethereal Group Ethereal 0.9.5
Ethereal Group Ethereal 0.9.6
7.5
CVSSv2
CVE-2004-0746
Konqueror in KDE 3.2.3 and previous versions allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote malicious users to perform a session fixation attack and hijack a user's HTTP session.
Kde Konqueror 3.0.3
Kde Konqueror 3.0.5
Kde Konqueror 3.0.5b
Kde Konqueror 3.2.3
Kde Konqueror 3.1
Kde Konqueror 3.1.1
Kde Konqueror 3.0
Kde Konqueror 3.1.2
Kde Konqueror 3.1.3
Kde Konqueror 3.0.1
Kde Konqueror 3.0.2
Kde Konqueror 3.1.5
Kde Konqueror 3.2.1
Mandrakesoft Mandrake Linux 9.2
Suse Suse Linux 8.1
Gentoo Linux 1.4
Kde Kde 3.1.3
Suse Suse Linux 8.2
Suse Suse Linux 8
Kde Kde 3.2
Mandrakesoft Mandrake Linux 10.0
Suse Suse Linux 9.0
4.6
CVSSv2
CVE-2004-0689
KDE prior to 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.
Kde Kde
Debian Debian Linux 3.0
7.5
CVSSv2
CVE-2004-0721
Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
Kde Konqueror 3.1.3
Kde Konqueror 3.2.2
7.5
CVSSv2
CVE-2004-0411
The URI handlers in Konqueror for KDE 3.2.2 and previous versions do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote malicious users to manipulate the options that are passed to the as...
Kde Konqueror
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »