Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kde kde vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-2702
KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle malicious users to spoof arbitrary SSL servers via a crafted certificate is...
Kde Kdelibs 4.3
Kde Kdelibs 3.5.4
Kde Kdelibs 4.2.4
5
CVSSv2
CVE-2018-19120
The HTML thumbnailer plugin in KDE Applications prior to 18.12.0 allows malicious users to trigger outbound TCP connections to arbitrary IP addresses, leading to disclosure of the source IP address.
Kde Kde Applications
7.5
CVSSv2
CVE-2005-1046
Buffer overflow in the kimgio library for KDE 3.4.0 allows remote malicious users to execute arbitrary code via a crafted PCX image file.
Kde Kde 3.4.0
7.2
CVSSv2
CVE-1999-1107
Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable.
Kde Kde 1.0
7.2
CVSSv2
CVE-1999-1096
Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable.
Kde Kde 1.0
4.6
CVSSv2
CVE-1999-1270
KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps.
Kde Kde 1.0
5
CVSSv2
CVE-2013-7252
kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ECB mode instead of CBC mode when encrypting the password store, which makes it easier for malicious users to guess passwords via a codebook attack.
Kde Kde Applications
4.6
CVSSv2
CVE-2004-0690
The DCOPServer in KDE 3.2.3 and previous versions allows local users to gain unauthorized access via a symlink attack on DCOP files in the /tmp directory.
Kde Kde 3.2.1
5
CVSSv2
CVE-2018-19516
messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications prior to 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value.
Kde Kde Applications
6.4
CVSSv2
CVE-2012-4513
khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote malicious users to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.
Kde Kde 4.7.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »