Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kde vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2014-8651
The KDE Clock KCM policykit helper in kde-workspace prior to 4.11.14 and plasma-desktop prior to 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument.
Kde Plasma-desktop
Kde Kde-workspace
6.9
CVSSv2
CVE-2014-5033
KDE kdelibs prior to 4.14 and kauth prior to 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) p...
Canonical Ubuntu Linux 14.04
Debian Kde4libs -
Canonical Ubuntu Linux 12.04
Kde Kdelibs 4.12.95
Kde Kdelibs 4.12.90
Kde Kdelibs 4.11.97
Kde Kdelibs 4.11.95
Kde Kdelibs 4.11.1
Kde Kdelibs 4.11.0
Kde Kdelibs
Kde Kdelibs 4.13.95
Kde Kauth
Kde Kdelibs 4.13.3
Kde Kdelibs 4.12.80
Kde Kdelibs 4.12.5
Kde Kdelibs 4.11.90
Kde Kdelibs 4.11.80
Kde Kdelibs 4.10.97
Kde Kdelibs 4.10.95
Kde Kdelibs 4.13.90
Kde Kdelibs 4.13.80
Kde Kdelibs 4.13.0
4.3
CVSSv2
CVE-2014-3494
kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 prior to 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle malicious users to obtain sensitive information via an invalid certificate.
Opensuse Opensuse 13.1
Kde Kdelibs 4.11.5
Kde Kdelibs 4.11.90
Kde Kdelibs 4.12.4
Kde Kdelibs 4.11.95
Kde Kdelibs 4.11.97
Kde Kdelibs 4.12.0
Kde Kdelibs 4.12.1
Kde Kdelibs 4.12.2
Kde Kdelibs 4.11.0
Kde Kdelibs 4.11.1
Kde Kdelibs 4.11.2
Kde Kdelibs 4.11.3
Kde Kdelibs 4.12.90
Kde Kdelibs 4.12.95
Kde Kdelibs 4.12.97
Kde Kdelibs 4.13.0
Kde Kdelibs 4.12.80
Kde Kdelibs 4.13.1
Kde Kdelibs 4.10.97
Kde Kdelibs 4.11.4
Kde Kdelibs 4.11.80
5
CVSSv2
CVE-2013-2074
kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and previous versions allows malicious users to discover credentials via a crafted request that triggers an "internal server error," which includes the username and password in an error message.
Kde Kdelibs
Kde Kdelibs 4.10.1
Kde Kdelibs 4.10.2
Kde Kdelibs 4.10.0
6.8
CVSSv2
CVE-2011-2725
Directory traversal vulnerability in Ark 4.7.x and previous versions allows remote malicious users to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file.
Kde Kde Sc 4.7.1
Kde Kde Sc 4.7.2
Kde Kde Sc 4.7.3
Kde Kde Sc
Kde Ark
Kde Kde Sc 4.7.0
Opensuse Opensuse 11.4
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.10
4.4
CVSSv2
CVE-2013-3713
The image creation configuration in aaa_base prior to 16.26.1 for openSUSE 13.1 KDE adds the root user to the "users" group when installing from a live image, which allows local users to obtain sensitive information and possibly have other unspecified impacts, as demons...
Opensuse Opensuse 13.1
5
CVSSv2
CVE-2013-4132
KDE-Workspace 4.10.5 and previous versions does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3)...
Kde Kde Sc
Kde Kde-workspace
Opensuse Opensuse 12.2
6.4
CVSSv2
CVE-2012-4513
khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote malicious users to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.
Kde Kde 4.7.3
1 EDB exploit
6.8
CVSSv2
CVE-2012-4515
Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated.
Kde Kde 4.7.3
1 EDB exploit
5
CVSSv2
CVE-2012-4514
rendering/render_replaced.cpp in Konqueror in KDE prior to 4.9.3 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted web page, related to "trying to reuse a frame with a null part."
Kde Kde 3.2.1
Kde Kde 3.2.3
Kde Kde 3.1.1
Kde Kde 3.1.2
Kde Kde 3.5
Kde Kde 3.3.x
Kde Kde 1.1
Kde Kde 4.7.3
Kde Kde 2.2
Kde Kde 1.x
Kde Kde 3.5.7
Kde Kde 2.0.1
Kde Kde 3.0.5
Kde Kde 3.1 Beta2
Kde Kde 3.0.1
Kde Kde 3.0
Kde Kde 3.0.2
Kde Kde
Kde Kde 3.1.5
Kde Kde 3.1.4
Kde Kde 3.2.0
Kde Kde 3.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »