Filtered by vendor Kde
Subscribe
Total
195 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0690 | 1 Kde | 1 Kde | 2025-04-03 | 10.0 HIGH | N/A |
| KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module. | |||||
| CVE-2004-0690 | 1 Kde | 1 Kde | 2025-04-03 | 4.6 MEDIUM | N/A |
| The DCOPServer in KDE 3.2.3 and earlier allows local users to gain unauthorized access via a symlink attack on DCOP files in the /tmp directory. | |||||
| CVE-2000-0460 | 1 Kde | 1 Kde | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable. | |||||
| CVE-2005-4684 | 1 Kde | 1 Konqueror | 2025-04-03 | 6.4 MEDIUM | N/A |
| Konqueror can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a cookie for an expanded hostname, as demonstrated by an attacker who operates an ap1.com Internet web site to steal cookies associated with an ap1.com.example.com intranet web site. | |||||
| CVE-2004-1491 | 4 Gentoo, Kde, Opera and 1 more | 4 Linux, Kde, Opera Browser and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. | |||||
| CVE-2002-0970 | 1 Kde | 2 Kde, Konqueror | 2025-04-03 | 7.5 HIGH | N/A |
| The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack. | |||||
| CVE-2001-0610 | 2 Kde, Suse | 2 Kde, Suse Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
| kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp. | |||||
| CVE-1999-1269 | 1 Kde | 1 Kde Beta 3 | 2025-04-03 | 2.1 LOW | N/A |
| Screen savers in KDE beta 3 allows local users to overwrite arbitrary files via a symlink attack on the .kss.pid file. | |||||
| CVE-2004-1125 | 3 Easy Software Products, Kde, Xpdf | 3 Cups, Kde, Xpdf | 2025-04-03 | 9.3 HIGH | N/A |
| Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded. | |||||
| CVE-2004-0527 | 1 Kde | 1 Konqueror | 2025-04-03 | 5.0 MEDIUM | N/A |
| KDE Konqueror 2.1.1 and 2.2.2 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack. | |||||
| CVE-2006-3672 | 1 Kde | 1 Konqueror | 2025-04-03 | 2.6 LOW | N/A |
| KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demonstrated by calling document.replaceChild with a 0 (zero) argument. | |||||
| CVE-2000-0918 | 1 Kde | 1 Kvt | 2025-04-03 | 7.2 HIGH | N/A |
| Format string vulnerability in kvt in KDE 1.1.2 may allow local users to execute arbitrary commands via a DISPLAY environmental variable that contains formatting characters. | |||||
| CVE-2002-1223 | 1 Kde | 1 Kde | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file. | |||||
| CVE-2005-1852 | 4 Centericq, Ekg, Kadu and 1 more | 4 Centericq, Ekg, Kadu and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message. | |||||
| CVE-2000-0481 | 1 Kde | 1 K-mail | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment with a long file name. | |||||
| CVE-2006-2449 | 1 Kde | 1 Kde | 2025-04-03 | 4.0 MEDIUM | N/A |
| KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login. | |||||
| CVE-2005-0237 | 1 Kde | 2 Kde, Konqueror | 2025-04-03 | 5.0 MEDIUM | N/A |
| The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. | |||||
| CVE-2005-3624 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. | |||||
| CVE-2003-0256 | 1 Kde | 1 Kopete | 2025-04-03 | 7.5 HIGH | N/A |
| The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the command line when executing gpg, which allows remote attackers to execute arbitrary commands. | |||||
| CVE-1999-0782 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable. | |||||