Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
konqueror vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2007-6591
KDE Konqueror 3.5.5 and 3.95.00, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as also accepted for all domain names in subjectAltName:dNSName fields, even though these fields cannot be examined in the pr...
Kde Konqueror 3.5.5
Kde Konqueror 3.95.00
668
VMScore
CVE-2004-0721
Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
Kde Konqueror 3.1.3
Kde Konqueror 3.2.2
668
VMScore
CVE-2002-1151
The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 up to and including 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote malicious users to execute script and steal cookies from subframes that are in other dom...
Kde Konqueror 2.2.2
Kde Konqueror 3.0
Kde Konqueror 3.0.3
Kde Konqueror 3.0.1
Kde Konqueror 3.0.2
Kde Kde 2.2.2
Kde Kde 3.0
Kde Kde 3.0.1
Kde Kde 3.0.2
Kde Kde 3.0.3
668
VMScore
CVE-2002-0970
The SSL capability for Konqueror in KDE 3.0.2 and previous versions does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote malicious users to spoof the certificates of trusted sites via a man-in-the-middle attack.
Kde Konqueror 2.2.2
Kde Konqueror 3.0
Kde Konqueror 3.0.1
Kde Konqueror 3.0.2
Kde Kde 3.0.1
Kde Kde 3.0.2
Kde Kde 2.2.2
Kde Kde 3.0
445
VMScore
CVE-2003-0459
KDE Konqueror for KDE 3.1.2 and previous versions does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.
Kde Konqueror 3.0
Kde Konqueror 3.0.1
Kde Konqueror Embedded 0.1
Redhat Analog Real-time Synthesizer 2.1.1-5
Redhat Kdelibs 3.0.0-10
Redhat Kdelibs 3.1-10
Redhat Kdelibs Sound 2.1.1-5
Redhat Kdelibs Sound 2.2-11
Kde Konqueror 3.0.5
Kde Konqueror 3.1
Redhat Kdebase 3.0.3-13
Redhat Kdelibs Devel 2.2-11
Redhat Kdelibs Devel 3.0.0-10
Redhat Kdelibs Sound Devel 2.2-11
Kde Konqueror 3.0.2
Kde Konqueror 3.0.3
Redhat Analog Real-time Synthesizer 2.2-11
Redhat Kdelibs Devel 2.1.1-5
Redhat Kdelibs Sound Devel 2.1.1-5
Kde Konqueror 2.1.1
Kde Konqueror 2.2.2
Kde Konqueror 3.1.1
383
VMScore
CVE-2009-2537
KDE Konqueror allows remote malicious users to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
Kde Konqueror
668
VMScore
CVE-2004-0411
The URI handlers in Konqueror for KDE 3.2.2 and previous versions do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote malicious users to manipulate the options that are passed to the as...
Kde Konqueror
435
VMScore
CVE-2008-5698
HTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 allows remote malicious users to cause a denial of service (application crash) via an invalid document.load call that triggers use of a deleted object. NOTE: some of these details are obtained from third party info...
Kde Konqueror
1 EDB exploit
505
VMScore
CVE-2007-6000
KDE Konqueror 3.5.6 and previous versions allows remote malicious users to cause a denial of service (crash) via large HTTP cookie parameters.
Kde Konqueror
1 EDB exploit
435
VMScore
CVE-2007-4229
Unspecified vulnerability in KDE Konqueror 3.5.7 and previous versions allows remote malicious users to cause a denial of service (failed assertion and application crash) via certain malformed HTML, as demonstrated by a document containing TEXTAREA, BUTTON, BR, BDO, PRE, FRAMESET...
Kde Konqueror
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »