Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kde vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-19120
The HTML thumbnailer plugin in KDE Applications prior to 18.12.0 allows malicious users to trigger outbound TCP connections to arbitrary IP addresses, leading to disclosure of the source IP address.
Kde Kde Applications
7.5
CVSSv3
CVE-2017-9604
KDE kmail prior to 5.5.2 and messagelib prior to 5.5.2, as distributed in KDE Applications prior to 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote malicious users to obtain sensitive information by ...
Kde Messagelib
Kde Kmail
5.5
CVSSv3
CVE-2017-6410
kpac/script.cpp in KDE kio prior to 5.32 and kdelibs prior to 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote malicious users to obtain sensitive infor...
Kde Kdelibs
Kde Kio
7.8
CVSSv3
CVE-2022-23853
The LSP (Language Server Protocol) plugin in KDE Kate prior to 21.12.2 and KTextEditor prior to 5.91.0 tries to execute the associated LSP server binary when opening a file of a given type. If this binary is absent from the PATH, it will try running the LSP server binary in the d...
Kde Ktexteditor
Kde Kate
NA
CVE-2010-0923
Race condition in workspace/krunner/lock/lockdlg.cc in the KRunner lock module in kdebase in KDE SC 4.4.0 allows physically proximate malicious users to bypass KScreenSaver screen locking and access an unattended workstation by pressing the Enter key at a certain time, related to...
Kde Kde Sc 4.4.0
NA
CVE-2014-8600
Multiple cross-site scripting (XSS) vulnerabilities in KDE-Runtime 4.14.3 and previous versions, kwebkitpart 1.3.4 and previous versions, and kio-extras 5.1.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via a crafted URI using the (1)...
Urs Wolfer Kwebkitpart
Kde Kde-runtime
Kde Kio-extras
Opensuse Opensuse 13.1
NA
CVE-1999-1269
Screen savers in KDE beta 3 allows local users to overwrite arbitrary files via a symlink attack on the .kss.pid file.
Kde Kde Beta 3 Initial
NA
CVE-2009-2896
Buffer overflow in KMplayer 2.9.4.1433 and previous versions allows remote malicious users to cause a denial of service (application crash) or execute arbitrary code via a long string in a subtitle (.srt) playlist file. NOTE: some of these details are obtained from third party in...
Kde Kmplayer
Kde Kmplayer 2.9.3.1210
1 EDB exploit
NA
CVE-2005-0404
KMail 1.7.1 in KDE 3.3.2 allows remote malicious users to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email.
Kmail Kmail 1.7.1
Kde Kde 3.3.2
1 EDB exploit
7.8
CVSSv3
CVE-2006-2916
artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.
Kde Arts 1.0
Kde Arts 1.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »