Filtered by vendor Kde Subscriptions
Filtered by product Valent Subscriptions

Search

Switch to Advanced Search (Beta)
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-66270 3 Apple, Google, Kde 6 Ios, Android, Gsconnect and 3 more 2025-12-05 4.7 Medium
The KDE Connect protocol 8 before 2025-11-28 does not correlate device IDs across two packets. This affects KDE Connect before 25.12 on desktop, KDE Connect before 0.5.4 on iOS, KDE Connect before 1.34.4 on Android, GSConnect before 68, and Valent before 1.0.0.alpha.49.
CVE-2025-32898 3 Apple, Google, Kde 6 Ios, Android, Gsconnect and 3 more 2025-12-05 4.7 Medium
The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore allows brute-force attacks. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and GSConnect before 59.
CVE-2025-32900 3 Apple, Google, Kde 6 Ios, Android, Gsconnect and 3 more 2025-12-05 4.3 Medium
In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information about a device, because broadcast UDP is used. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and GSConnect before 59.