Filtered by vendor Kde
Subscribe
Total
193 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0460 | 1 Kde | 1 Kde | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable. | |||||
CVE-2004-1491 | 4 Gentoo, Kde, Opera and 1 more | 4 Linux, Kde, Opera Browser and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. | |||||
CVE-2002-0970 | 1 Kde | 2 Kde, Konqueror | 2024-02-04 | 7.5 HIGH | N/A |
The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack. | |||||
CVE-2001-0610 | 2 Kde, Suse | 2 Kde, Suse Linux | 2024-02-04 | 4.6 MEDIUM | N/A |
kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp. | |||||
CVE-1999-1269 | 1 Kde | 1 Kde Beta 3 | 2024-02-04 | 2.1 LOW | N/A |
Screen savers in KDE beta 3 allows local users to overwrite arbitrary files via a symlink attack on the .kss.pid file. | |||||
CVE-2004-0527 | 1 Kde | 1 Konqueror | 2024-02-04 | 5.0 MEDIUM | N/A |
KDE Konqueror 2.1.1 and 2.2.2 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack. | |||||
CVE-2000-0918 | 1 Kde | 1 Kvt | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in kvt in KDE 1.1.2 may allow local users to execute arbitrary commands via a DISPLAY environmental variable that contains formatting characters. | |||||
CVE-2002-1223 | 1 Kde | 1 Kde | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file. | |||||
CVE-2000-0481 | 1 Kde | 1 K-mail | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment with a long file name. | |||||
CVE-2003-0256 | 1 Kde | 1 Kopete | 2024-02-04 | 7.5 HIGH | N/A |
The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the command line when executing gpg, which allows remote attackers to execute arbitrary commands. | |||||
CVE-1999-0782 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable. | |||||
CVE-2003-0692 | 1 Kde | 1 Kde | 2024-02-04 | 7.5 HIGH | N/A |
KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session. | |||||
CVE-2003-0355 | 2 Apple, Kde | 2 Safari, Konqueror Embedded | 2024-02-04 | 5.0 MEDIUM | N/A |
Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates. |