Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kde kde vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2018-6790
An issue exists in KDE Plasma Workspace prior to 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote malicious users to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element.
Kde Plasma-workspace
4.9
CVSSv3
CVE-2016-7787
A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user.
Kde Kde-cli-tools -
Opensuse Leap 42.1
Opensuse Opensuse 13.2
4.3
CVSSv3
CVE-2019-10734
In KDE Trojita 0.7, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the...
Trojita Project Trojita 0.7
4.3
CVSSv3
CVE-2019-10732
In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the...
Kde Kmail 5.2.3
Debian Debian Linux 8.0
3.7
CVSSv3
CVE-2021-38372
In KDE Trojita 0.7, man-in-the-middle attackers can create new folders because untagged responses from an IMAP server are accepted before STARTTLS.
Kde Trojita 0.7
3.3
CVSSv3
CVE-2024-26911
In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Fix alloc_range() error handling code Few users have observed display corruption when they boot the machine to KDE Plasma or playing games. We have root caused the problem that whenever alloc_range() c...
Linux Linux Kernel
3.3
CVSSv3
CVE-2020-24654
In KDE Ark prior to 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory.
Kde Ark
Canonical Ubuntu Linux 16.04
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.1
Fedoraproject Fedora 32
Canonical Ubuntu Linux 20.04
Opensuse Leap 15.2
Debian Debian Linux 9.0
Fedoraproject Fedora 33
3.3
CVSSv3
CVE-2020-16116
In kerfuffle/jobs.cpp in KDE Ark prior to 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal.
Kde Ark
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
1 Article
3.3
CVSSv3
CVE-2020-12755
fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras up to and including 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option. This may lead to unintended KWallet storage of a password.
Kde Kio-extras
NA
CVE-2023-52648
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Unmap the surface before resetting it on a plane state Switch to a new plane state requires unreferencing of all held surfaces. In the work required for mob cursors the mapped surfaces started being c...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »