Filtered by vendor Kde
Subscriptions
Filtered by product Kde
Subscriptions
Total
69 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-9604 | 1 Kde | 3 Kde, Kmail, Messagelib | 2024-09-17 | N/A |
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network. | ||||
CVE-2002-2333 | 1 Kde | 1 Kde | 2024-09-16 | N/A |
Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. | ||||
CVE-2000-0530 | 2 Caldera, Kde | 2 Openlinux, Kde | 2024-08-08 | N/A |
The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files. | ||||
CVE-2000-0460 | 1 Kde | 1 Kde | 2024-08-08 | N/A |
Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable. | ||||
CVE-2000-0393 | 1 Kde | 1 Kde | 2024-08-08 | N/A |
The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. | ||||
CVE-2000-0371 | 1 Kde | 1 Kde | 2024-08-08 | N/A |
The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack. | ||||
CVE-2001-0610 | 2 Kde, Suse | 2 Kde, Suse Linux | 2024-08-08 | N/A |
kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp. | ||||
CVE-2002-1281 | 2 Kde, Redhat | 2 Kde, Linux | 2024-08-08 | N/A |
Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL. | ||||
CVE-2002-1224 | 2 Kde, Redhat | 2 Kde, Linux | 2024-08-08 | N/A |
Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter. | ||||
CVE-2002-1393 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2024-08-08 | N/A |
Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses. | ||||
CVE-2002-1223 | 2 Kde, Redhat | 2 Kde, Linux | 2024-08-08 | N/A |
Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file. | ||||
CVE-2002-1306 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2024-08-08 | N/A |
Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain "lan://" URL. | ||||
CVE-2002-1282 | 2 Kde, Redhat | 2 Kde, Linux | 2024-08-08 | N/A |
Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL. | ||||
CVE-2002-1247 | 3 Kde, Lisa, Redhat | 5 Kde, Klisa, Lisa and 2 more | 2024-08-08 | N/A |
Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon. | ||||
CVE-2002-1151 | 2 Kde, Redhat | 4 Kde, Konqueror, Enterprise Linux and 1 more | 2024-08-08 | N/A |
The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains. | ||||
CVE-2002-1152 | 2 Kde, Redhat | 2 Kde, Linux | 2024-08-08 | N/A |
Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing. | ||||
CVE-2002-0970 | 2 Kde, Redhat | 4 Kde, Konqueror, Enterprise Linux and 1 more | 2024-08-08 | N/A |
The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack. | ||||
CVE-2002-0227 | 2 Kde, Kicq | 2 Kde, Kicq | 2024-08-08 | N/A |
KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message. | ||||
CVE-2003-0988 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2024-08-08 | N/A |
Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file. | ||||
CVE-2003-0692 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2024-08-08 | N/A |
KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session. |