Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kde vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2004-0721
Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
Kde Konqueror 3.1.3
Kde Konqueror 3.2.2
7.5
CVSSv2
CVE-2004-0411
The URI handlers in Konqueror for KDE 3.2.2 and previous versions do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote malicious users to manipulate the options that are passed to the as...
Kde Konqueror
7.5
CVSSv2
CVE-2003-0592
Konqueror in KDE 3.1.3 and previous versions (kdelibs) allows remote malicious users to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outsi...
Kde Konqueror 2.1.1
Kde Konqueror 3.1
Kde Konqueror 3.1.1
Kde Konqueror 2.2.2
Kde Konqueror 3.0
Kde Konqueror 3.1.2
Kde Konqueror Embedded 0.1
Kde Konqueror 3.0.3
Kde Konqueror 3.0.5
Kde Konqueror 3.0.1
Kde Konqueror 3.0.2
7.5
CVSSv2
CVE-2003-0988
Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 up to and including 3.1.4 allows malicious users to execute arbitrary code via a VCF file.
Kde Kde 3.1.3
Kde Kde 3.1.1
Kde Kde 3.1.2
Kde Kde 3.1.0
7.5
CVSSv2
CVE-2003-0692
KDM in KDE 3.1.3 and previous versions uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows malicious users to guess session cookies via brute force methods and gain access to the user session.
Kde Kde 2.0.1
Kde Kde 2.0 Beta
Kde Kde 2.1
Kde Kde 3.0.1
Kde Kde 3.0.2
Kde Kde 3.1
Kde Kde 3.1.1
Kde Kde 1.1.1
Kde Kde 1.1.2
Kde Kde 2.2
Kde Kde 2.2.1
Kde Kde 3.0.4
Kde Kde 3.0.5
Kde Kde 3.1.3
Kde Kde 1.2
Kde Kde 2.0
Kde Kde 2.2.2
Kde Kde 3.0
Kde Kde 3.0.5a
Kde Kde 3.0.5b
Kde Kde 1.1
Kde Kde 2.1.1
7.5
CVSSv2
CVE-2003-0370
Konqueror Embedded and KDE 2.2.2 and previous versions does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote malicious users to spoof certificates via a man-in-the-middle attack.
Apple Safari 1.0
Kde Konqueror Embedded 0.1
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Workstation 8.0
Redhat Linux 7.1
Redhat Linux 7.2
Turbolinux Turbolinux Server 7.0
Turbolinux Turbolinux Workstation 7.0
Kde Kde
7.5
CVSSv2
CVE-2003-0256
The GnuPG plugin in kopete prior to 0.6.2 does not properly cleanse the command line when executing gpg, which allows remote malicious users to execute arbitrary commands.
Kde Kopete 0.6.1
7.5
CVSSv2
CVE-2003-0204
KDE 2 and KDE 3.1.1 and previous versions 3.x versions allows malicious users to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer.
Kde Kde 2.0
Kde Kde 2.2.2
Kde Kde 3.0
Kde Kde 3.1
Kde Kde 3.1.1
Kde Kde 2.0.1
Kde Kde 2.1
Kde Kde 3.0.1
Kde Kde 3.0.2
Kde Kde 2.1.1
Kde Kde 2.1.2
Kde Kde 3.0.3
Kde Kde 3.0.3a
Kde Kde 2.2
Kde Kde 2.2.1
Kde Kde 3.0.4
Kde Kde 3.0.5
Kde Kde 3.0.5a
7.5
CVSSv2
CVE-2002-1393
Multiple vulnerabilities in KDE 2 and KDE 3.x up to and including 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote malicious users to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses.
Kde Kde 2.1
Kde Kde 2.1.1
Kde Kde 2.1.2
Kde Kde 3.0.3
Kde Kde 3.0.3a
Kde Kde 2.2
Kde Kde 2.2.1
Kde Kde 3.0.4
Kde Kde 3.0.5
Kde Kde 2.2.2
Kde Kde 3.0
Kde Kde 2.0
Kde Kde 2.0.1
Kde Kde 3.0.1
Kde Kde 3.0.2
7.5
CVSSv2
CVE-2002-1281
Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and previous versions, allows local and remote malicious users to execute arbitrary code via a certain URL.
Kde Kde 2.2.1
Kde Kde 2.2.2
Kde Kde 3.0
Kde Kde 2.1.2
Kde Kde 2.2
Kde Kde 3.0.1
Kde Kde 3.0.2
Kde Kde 2.1
Kde Kde 2.1.1
Kde Kde 3.0.3
Kde Kde 3.0.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »