Filtered by vendor Kde
Subscriptions
Total
215 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0867 | 4 Kde, Microsoft, Mozilla and 1 more | 5 Konqueror, Ie, Internet Explorer and 2 more | 2026-04-16 | N/A |
| Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported that 2.x is also affected. | ||||
| CVE-2001-0610 | 2 Kde, Suse | 2 Kde, Suse Linux | 2026-04-16 | N/A |
| kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp. | ||||
| CVE-2005-4684 | 1 Kde | 1 Konqueror | 2026-04-16 | N/A |
| Konqueror can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a cookie for an expanded hostname, as demonstrated by an attacker who operates an ap1.com Internet web site to steal cookies associated with an ap1.com.example.com intranet web site. | ||||
| CVE-2005-2494 | 2 Kde, Redhat | 2 Kde, Enterprise Linux | 2026-04-16 | N/A |
| kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root access via a symlink attack on lock files. | ||||
| CVE-2005-2097 | 3 Kde, Redhat, Xpdf | 3 Kpdf, Enterprise Linux, Xpdf | 2026-04-16 | N/A |
| xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information. | ||||
| CVE-2005-2101 | 1 Kde | 1 Kde | 2026-04-16 | N/A |
| langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files. | ||||
| CVE-2006-3742 | 1 Kde | 1 Kdebase | 2026-04-16 | N/A |
| The KDE PAM configuration shipped with Fedora Core 5 causes KDM passwords to be cached, which allows attackers to login without a password by attempting to log in multiple times. | ||||
| CVE-2006-2933 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Enterprise Linux Desktop | 2026-04-16 | N/A |
| kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not properly terminate, which can prevent the screensaver from activating or prevent users from manually locking the desktop. | ||||
| CVE-2005-3624 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2026-04-16 | N/A |
| The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. | ||||
| CVE-2005-3626 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2026-04-16 | N/A |
| Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. | ||||
| CVE-2001-0782 | 1 Kde | 1 Ktv | 2026-04-16 | N/A |
| KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file. | ||||
| CVE-2001-1197 | 1 Kde | 1 Kdeutils | 2026-04-16 | N/A |
| klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file. | ||||
| CVE-1999-0782 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2026-04-16 | N/A |
| KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable. | ||||
| CVE-1999-1267 | 1 Kde | 1 Kde | 2026-04-16 | N/A |
| KDE file manager (kfm) uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server. | ||||
| CVE-1999-1269 | 1 Kde | 1 Kde Beta 3 | 2026-04-16 | N/A |
| Screen savers in KDE beta 3 allows local users to overwrite arbitrary files via a symlink attack on the .kss.pid file. | ||||
| CVE-2003-0690 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2026-04-16 | N/A |
| KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module. | ||||
| CVE-2003-0692 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2026-04-16 | N/A |
| KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session. | ||||
| CVE-2002-1224 | 2 Kde, Redhat | 2 Kde, Linux | 2026-04-16 | N/A |
| Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter. | ||||
| CVE-2002-1282 | 2 Kde, Redhat | 2 Kde, Linux | 2026-04-16 | N/A |
| Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL. | ||||
| CVE-2002-1393 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses. | ||||