Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kde vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2018-10380
kwallet-pam in KDE KWallet prior to 5.12.6 allows local users to obtain ownership of arbitrary files via a symlink attack.
Kde Plasma
Debian Debian Linux 9.0
Opensuse Leap 15.0
Opensuse Leap 42.3
7.8
CVSSv3
CVE-2018-10361
An issue exists in KTextEditor 5.34.0 up to and including 5.45.0. Insecure handling of temporary files in the KTextEditor's kauth_ktexteditor_helper service (as utilized in the Kate text editor) can allow other unprivileged users on the local system to gain root privileges. ...
Kde Ktexteditor
5.3
CVSSv3
CVE-2018-6790
An issue exists in KDE Plasma Workspace prior to 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote malicious users to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element.
Kde Plasma-workspace
6.8
CVSSv3
CVE-2018-6791
An issue exists in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace prior to 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a possi...
Kde Plasma-workspace
Debian Debian Linux 9.0
1 Article
7.5
CVSSv3
CVE-2017-15923
Konversation 1.4.x, 1.5.x, 1.6.x, and 1.7.x prior to 1.7.3 allow remote malicious users to cause a denial of service (crash) via vectors related to parsing of IRC color formatting codes.
Konversation Konversation
Debian Debian Linux 9.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
5.9
CVSSv3
CVE-2014-8878
KDE KMail does not encrypt attachments in emails when "automatic encryption" is enabled, which allows remote malicious users to obtain sensitive information by sniffing the network.
Kde Kmail 4.11.5
7
CVSSv3
CVE-2015-7543
aRts 1.5.10 and kdelibs3 3.5.10 and previous versions do not properly create temporary directories, which allows local users to hijack the IPC by pre-creating the temporary directory.
Artsproject Arts 1.5.10
Kde Kdelibs
7.5
CVSSv3
CVE-2017-9604
KDE kmail prior to 5.5.2 and messagelib prior to 5.5.2, as distributed in KDE Applications prior to 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote malicious users to obtain sensitive information by ...
Kde Messagelib
Kde Kmail
7.8
CVSSv3
CVE-2017-8849
smb4k prior to 2.0.1 allows local users to gain root privileges by leveraging failure to verify arguments to the mount helper DBUS service.
Smb4k Project Smb4k
Debian Debian Linux 8.0
1 EDB exploit
1 Github repository
7.8
CVSSv3
CVE-2017-5330
ark prior to 16.12.1 might allow remote malicious users to execute arbitrary code via an executable in an archive, related to associated applications.
Fedoraproject Fedora 25
Kde Ark
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »