Filtered by vendor Kde
Subscribe
Search
Total
194 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-28117 | 1 Kde | 1 Discover | 2023-12-28 | 5.0 MEDIUM | 7.5 HIGH |
| libdiscover/backends/KNSBackend/KNSResource.cpp in KDE Discover before 5.21.3 automatically creates links to potentially dangerous URLs (that are neither https:// nor http://) based on the content of the store.kde.org web site. (5.18.7 is also a fixed version.) | |||||
| CVE-2022-24986 | 1 Kde | 1 Kcron | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename during an editing session. Thus, someone watching it be created the first time could potentially intercept the file the following time, enabling that person to run unauthorized commands. | |||||
| CVE-2022-23853 | 1 Kde | 2 Kate, Ktexteditor | 2023-08-08 | 6.8 MEDIUM | 7.8 HIGH |
| The LSP (Language Server Protocol) plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91.0 tries to execute the associated LSP server binary when opening a file of a given type. If this binary is absent from the PATH, it will try running the LSP server binary in the directory of the file that was just opened (due to a misunderstanding of the QProcess API, that was never intended). This can be an untrusted directory. | |||||
| CVE-2021-31855 | 1 Kde | 1 Messagelib | 2022-07-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| KDE Messagelib through 5.17.0 reveals cleartext of encrypted messages in some situations. Deleting an attachment of a decrypted encrypted message stored on a remote server (e.g., an IMAP server) causes KMail to upload the decrypted content of the message to the remote server. With a crafted message, a user could be tricked into decrypting an encrypted message and then deleting an attachment attached to this message. If the attacker has access to the messages stored on the email server, then the attacker could read the decrypted content of the encrypted message. This occurs in ViewerPrivate::deleteAttachment in messageviewer/src/viewer/viewer_p.cpp. | |||||
| CVE-2020-24654 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2022-05-20 | 4.3 MEDIUM | 3.3 LOW |
| In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory. | |||||
| CVE-2020-16116 | 4 Debian, Fedoraproject, Kde and 1 more | 4 Debian Linux, Fedora, Ark and 1 more | 2022-05-20 | 4.3 MEDIUM | 3.3 LOW |
| In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal. | |||||
| CVE-2020-13152 | 1 Kde | 1 Amarok | 2022-04-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| A remote user can create a specially crafted M3U file, media playlist file that when loaded by the target user, will trigger a memory leak, whereby Amarok 2.8.0 continue to waste resources over time, eventually allows attackers to cause a denial of service. | |||||
| CVE-2020-27187 | 1 Kde | 1 Partition Manager | 2022-04-28 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcore_externalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning related commands, while KDE Partition Manager is running. the mount command can then be used to gain full root privileges. | |||||
| CVE-2004-1491 | 4 Gentoo, Kde, Opera and 1 more | 4 Linux, Kde, Opera Browser and 1 more | 2022-02-28 | 5.0 MEDIUM | N/A |
| Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. | |||||
| CVE-2004-0411 | 1 Kde | 1 Konqueror | 2022-02-28 | 7.5 HIGH | N/A |
| The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files or execute arbitrary code. | |||||
| CVE-2020-9359 | 3 Debian, Fedoraproject, Kde | 3 Debian Linux, Fedora, Okular | 2021-12-27 | 6.8 MEDIUM | 5.3 MEDIUM |
| KDE Okular before 1.10.0 allows code execution via an action link in a PDF document. | |||||
| CVE-2021-38373 | 1 Kde | 1 Kmail | 2021-08-20 | 3.5 LOW | 5.3 MEDIUM |
| In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messages are sent) unless "Server requires authentication" is checked. | |||||
| CVE-2021-38372 | 1 Kde | 1 Trojita | 2021-08-20 | 4.3 MEDIUM | 3.7 LOW |
| In KDE Trojita 0.7, man-in-the-middle attackers can create new folders because untagged responses from an IMAP server are accepted before STARTTLS. | |||||
| CVE-2002-0862 | 4 Adam Megacz, Baltimore Technologies, Kde and 1 more | 16 Tinyssl, Mailsecure, Kde and 13 more | 2021-07-23 | 7.5 HIGH | N/A |
| The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS. | |||||
| CVE-2004-0866 | 4 Kde, Microsoft, Mozilla and 1 more | 5 Konqueror, Ie, Internet Explorer and 2 more | 2021-07-23 | 7.5 HIGH | N/A |
| Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. | |||||
| CVE-2004-0867 | 4 Kde, Microsoft, Mozilla and 1 more | 5 Konqueror, Ie, Internet Explorer and 2 more | 2021-07-23 | 7.5 HIGH | N/A |
| Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported that 2.x is also affected. | |||||
| CVE-2020-12755 | 1 Kde | 1 Kio-extras | 2021-07-21 | 2.1 LOW | 3.3 LOW |
| fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option. This may lead to unintended KWallet storage of a password. | |||||
| CVE-2019-10732 | 1 Kde | 1 Kmail | 2021-07-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker. | |||||
| CVE-2021-36083 | 1 Kde | 1 Kimageformats | 2021-07-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer overflow in XCFImageFormat::loadTileRLE. | |||||
| CVE-2020-26164 | 2 Kde, Opensuse | 3 Kdeconnect, Backports Sle, Leap | 2021-01-26 | 4.9 MEDIUM | 5.5 MEDIUM |
| In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a Denial of Service attack. | |||||
| CVE-2019-14744 | 2 Debian, Kde | 2 Debian Linux, Kconfig | 2020-08-24 | 5.1 MEDIUM | 7.8 HIGH |
| In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file. | |||||
| CVE-2020-15954 | 2 Debian, Kde | 2 Debian Linux, Kmail | 2020-07-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| KDE KMail 19.12.3 (aka 5.13.3) engages in unencrypted POP3 communication during times when the UI indicates that encryption is in use. | |||||
| CVE-2020-11880 | 1 Kde | 1 Kmail | 2020-04-29 | 6.4 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in KDE KMail before 19.12.3. By using the proprietary (non-RFC6068) "mailto?attach=..." parameter, a website (or other source of mailto links) can make KMail attach local files to a composed email message without showing a warning to the user, as demonstrated by an attach=.bash_history value. | |||||
| CVE-2018-19516 | 1 Kde | 1 Kde Applications | 2020-03-18 | 5.0 MEDIUM | 5.3 MEDIUM |
| messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications before 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value. | |||||
| CVE-2013-2213 | 1 Kde | 1 Paste Applet | 2020-02-24 | 2.1 LOW | 5.5 MEDIUM |
| The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Library rand function's linear congruential generator, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the generator output. | |||||
| CVE-2013-2120 | 1 Kde | 1 Paste Applet | 2020-02-21 | 2.1 LOW | 8.4 HIGH |
| The %{password(...)} macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass authentication via a brute-force attack. | |||||
| CVE-2012-4512 | 2 Kde, Redhat | 5 Kde, Enterprise Linux, Enterprise Linux Desktop and 2 more | 2020-02-14 | 6.8 MEDIUM | 8.8 HIGH |
| The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion." | |||||
| CVE-2013-4133 | 2 Debian, Kde | 2 Debian Linux, Kde-workspace | 2019-12-17 | 7.8 HIGH | 7.5 HIGH |
| kde-workspace before 4.10.5 has a memory leak in plasma desktop | |||||
| CVE-2018-10361 | 1 Kde | 1 Ktexteditor | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor's kauth_ktexteditor_helper service (as utilized in the Kate text editor) can allow other unprivileged users on the local system to gain root privileges. The attack occurs when one user (who has an unprivileged account but is also able to authenticate as root) writes a text file using Kate into a directory owned by a another unprivileged user. The latter unprivileged user conducts a symlink attack to achieve privilege escalation. | |||||
| CVE-2017-6410 | 1 Kde | 2 Kdelibs, Kio | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote attackers to obtain sensitive information via a crafted PAC file. | |||||
| CVE-2017-8422 | 1 Kde | 2 Kauth, Kdelibs | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app. | |||||
| CVE-2017-17689 | 16 9folders, Apple, Bloop and 13 more | 17 Nine, Mail, Airmail and 14 more | 2019-10-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. | |||||
| CVE-2018-6791 | 2 Debian, Kde | 2 Debian Linux, Plasma-workspace | 2019-10-03 | 7.2 HIGH | 6.8 MEDIUM |
| An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a possibility of arbitrary command execution. An example of an offending volume label is "$(touch b)" -- this will create a file called b in the home folder. | |||||
| CVE-2017-9604 | 1 Kde | 3 Kde, Kmail, Messagelib | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network. | |||||
| CVE-2018-6790 | 1 Kde | 1 Plasma-workspace | 2019-08-06 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element. | |||||
| CVE-2019-7443 | 4 Fedoraproject, Kde, Opensuse and 1 more | 5 Fedora, Kauth, Backports and 2 more | 2019-05-10 | 9.3 HIGH | 8.1 HIGH |
| KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes this plugin code to run as root, which increases the severity of any possible exploitation of a plugin vulnerability. | |||||
| CVE-2018-1000801 | 2 Debian, Kde | 2 Debian Linux, Okular | 2019-03-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| okular version 18.08 and earlier contains a Directory Traversal vulnerability in function "unpackDocumentArchive(...)" in "core/document.cpp" that can result in Arbitrary file creation on the user workstation. This attack appear to be exploitable via he victim must open a specially crafted Okular archive. This issue appears to have been corrected in version 18.08.1 | |||||
| CVE-2009-3608 | 7 Foolabs, Glyph And Cog, Glyphandcog and 4 more | 7 Xpdf, Pdftops, Xpdfreader and 4 more | 2019-03-06 | 9.3 HIGH | N/A |
| Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. | |||||
| CVE-2009-3609 | 6 Foolabs, Glyph And Cog, Glyphandcog and 3 more | 6 Xpdf, Pdftops, Xpdfreader and 3 more | 2019-03-06 | 4.3 MEDIUM | N/A |
| Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read. | |||||
| CVE-2009-3604 | 5 Foolabs, Glyphandcog, Gnome and 2 more | 5 Xpdf, Xpdfreader, Gpdf and 2 more | 2019-03-06 | 9.3 HIGH | N/A |
| The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow. | |||||
| CVE-2009-3606 | 4 Foolabs, Glyphandcog, Kde and 1 more | 4 Xpdf, Xpdfreader, Kpdf and 1 more | 2019-03-06 | 9.3 HIGH | N/A |
| Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. | |||||
| CVE-2010-3704 | 4 Foolabs, Glyphandcog, Kde and 1 more | 4 Xpdf, Xpdfreader, Kdegraphics and 1 more | 2019-03-06 | 6.8 MEDIUM | N/A |
| The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption. | |||||
| CVE-2018-19120 | 1 Kde | 1 Kde Applications | 2019-01-31 | 5.0 MEDIUM | 7.5 HIGH |
| The HTML thumbnailer plugin in KDE Applications before 18.12.0 allows attackers to trigger outbound TCP connections to arbitrary IP addresses, leading to disclosure of the source IP address. | |||||
| CVE-2014-8600 | 3 Kde, Opensuse, Urs Wolfer | 4 Kde-runtime, Kio-extras, Opensuse and 1 more | 2018-10-30 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via a crafted URI using the (1) zip, (2) trash, (3) tar, (4) thumbnail, (5) smtps, (6) smtp, (7) smb, (8) remote, (9) recentdocuments, (10) nntps, (11) nntp, (12) network, (13) mbox, (14) ldaps, (15) ldap, (16) fonts, (17) file, (18) desktop, (19) cgi, (20) bookmarks, or (21) ar scheme, which is not properly handled in an error message. | |||||
| CVE-2016-2312 | 3 Fedoraproject, Kde, Opensuse | 4 Fedora, Kscreenlocker, Plasma-workspace and 1 more | 2018-10-30 | 4.6 MEDIUM | 6.8 MEDIUM |
| Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again. | |||||
| CVE-2014-3494 | 2 Kde, Opensuse | 2 Kdelibs, Opensuse | 2018-10-30 | 4.3 MEDIUM | N/A |
| kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 before 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle attackers to obtain sensitive information via an invalid certificate. | |||||
| CVE-2013-4132 | 2 Kde, Opensuse | 3 Kde-workspace, Kde Sc, Opensuse | 2018-10-30 | 5.0 MEDIUM | N/A |
| KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3) MD5 encrypted password, when FIPS-140 is enable, to KDM or an (4) invalid password to KCheckPass. | |||||
| CVE-2016-7787 | 2 Kde, Opensuse | 3 Kde-cli-tools, Leap, Opensuse | 2018-10-30 | 4.0 MEDIUM | 4.9 MEDIUM |
| A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user. | |||||
| CVE-2016-3100 | 2 Kde, Opensuse | 3 Kde Frameworks, Leap, Opensuse | 2018-10-30 | 2.1 LOW | 8.4 HIGH |
| kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file. | |||||
| CVE-2011-2725 | 3 Canonical, Kde, Opensuse | 4 Ubuntu Linux, Ark, Kde Sc and 1 more | 2018-10-30 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file. | |||||