Filtered by vendor Kde
Subscriptions
Total
209 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1096 | 1 Kde | 1 Kde | 2025-04-03 | N/A |
| Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable. | ||||
| CVE-1999-1106 | 1 Kde | 1 Kde | 2025-04-03 | N/A |
| Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument. | ||||
| CVE-1999-1107 | 1 Kde | 1 Kde | 2025-04-03 | N/A |
| Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable. | ||||
| CVE-2000-0371 | 1 Kde | 1 Kde | 2025-04-03 | N/A |
| The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack. | ||||
| CVE-2000-0373 | 1 Kde | 1 Kvt | 2025-04-03 | N/A |
| Vulnerabilities in the KDE kvt terminal program allow local users to gain root privileges. | ||||
| CVE-2000-0393 | 1 Kde | 1 Kde | 2025-04-03 | N/A |
| The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. | ||||
| CVE-2000-0530 | 2 Caldera, Kde | 2 Openlinux, Kde | 2025-04-03 | N/A |
| The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files. | ||||
| CVE-2002-0227 | 2 Kde, Kicq | 2 Kde, Kicq | 2025-04-03 | N/A |
| KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message. | ||||
| CVE-2002-0342 | 1 Kde | 1 K-mail | 2025-04-03 | N/A |
| Kmail 1.2 on KDE 2.1.1 allows remote attackers to cause a denial of service (crash) via an email message whose body is approximately 55 K long. | ||||
| CVE-2004-0870 | 1 Kde | 1 Konqueror | 2025-04-03 | N/A |
| KDE Konqueror does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection." | ||||
| CVE-2002-0970 | 2 Kde, Redhat | 4 Kde, Konqueror, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack. | ||||
| CVE-2004-1165 | 2 Kde, Redhat | 3 Kdelibs, Konqueror, Enterprise Linux | 2025-04-03 | N/A |
| Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command. | ||||
| CVE-2005-0754 | 5 Conectiva, Gentoo, Kde and 2 more | 6 Linux, Linux, Kde and 3 more | 2025-04-03 | N/A |
| Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code. | ||||
| CVE-2005-1920 | 3 Debian, Kde, Redhat | 3 Debian Linux, Kde, Enterprise Linux | 2025-04-03 | 7.5 High |
| The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information. | ||||
| CVE-2006-2449 | 2 Kde, Redhat | 2 Kde, Enterprise Linux | 2025-04-03 | N/A |
| KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login. | ||||
| CVE-2006-2916 | 2 Kde, Linux | 2 Arts, Linux Kernel | 2025-04-03 | 7.8 High |
| artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges. | ||||
| CVE-2005-3626 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2025-04-03 | N/A |
| Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. | ||||
| CVE-1999-0781 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2025-04-03 | N/A |
| KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables. | ||||
| CVE-2002-1223 | 2 Kde, Redhat | 2 Kde, Linux | 2025-04-03 | N/A |
| Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file. | ||||
| CVE-2002-1281 | 2 Kde, Redhat | 2 Kde, Linux | 2025-04-03 | N/A |
| Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL. | ||||