Filtered by vendor Kde
Subscribe
Total
195 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-1564 | 1 Kde | 1 Konqueror | 2025-04-09 | 6.8 MEDIUM | N/A |
| The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response. | |||||
| CVE-2007-1565 | 1 Kde | 1 Konqueror | 2025-04-09 | 7.8 HIGH | N/A |
| Konqueror 3.5.5 allows remote attackers to cause a denial of service (crash) by using JavaScript to read a child iframe having an ftp:// URI. | |||||
| CVE-2006-6120 | 1 Kde | 1 Koffice | 2025-04-09 | 6.8 MEDIUM | N/A |
| Integer overflow in the KPresenter import filter for Microsoft PowerPoint files (filters/olefilters/lib/klaola.cc) in KOffice before 1.6.1 allows user-assisted remote attackers to execute arbitrary code via a crafted PPT file, which results in a heap-based buffer overflow. | |||||
| CVE-2007-6000 | 1 Kde | 1 Konqueror | 2025-04-09 | 5.0 MEDIUM | N/A |
| KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a denial of service (crash) via large HTTP cookie parameters. | |||||
| CVE-2009-2537 | 1 Kde | 1 Konqueror | 2025-04-09 | 4.3 MEDIUM | N/A |
| KDE Konqueror allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. | |||||
| CVE-2007-5963 | 1 Kde | 1 Kde | 2025-04-09 | 4.7 MEDIUM | N/A |
| Unspecified vulnerability in kdebase allows local users to cause a denial of service (KDM login inaccessible, or resource consumption) via unknown vectors. | |||||
| CVE-2007-2164 | 1 Kde | 1 Konqueror | 2025-04-09 | 5.0 MEDIUM | N/A |
| Konqueror 3.5.5 release 45.4 allows remote attackers to cause a denial of service (browser crash or abort) via JavaScript that matches a regular expression against a long string, as demonstrated using /(.)*/. | |||||
| CVE-2006-6811 | 2 Canonical, Kde | 2 Ubuntu Linux, Ksirc | 2025-04-09 | 4.3 MEDIUM | 6.5 MEDIUM |
| KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference. NOTE: this issue was originally reported as a buffer overflow. | |||||
| CVE-2007-4229 | 1 Kde | 1 Konqueror | 2025-04-09 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in KDE Konqueror 3.5.7 and earlier allows remote attackers to cause a denial of service (failed assertion and application crash) via certain malformed HTML, as demonstrated by a document containing TEXTAREA, BUTTON, BR, BDO, PRE, FRAMESET, and A tags. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-4224 | 1 Kde | 1 Konqueror | 2025-04-09 | 4.3 MEDIUM | N/A |
| KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property. | |||||
| CVE-2008-5712 | 1 Kde | 1 Konqueror | 2025-04-09 | 5.0 MEDIUM | N/A |
| The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via (1) a long COLOR attribute in an HR element; or a long (a) BGCOLOR or (b) BORDERCOLOR attribute in a (2) TABLE, (3) TD, or (4) TR element. NOTE: the FONT vector is already covered by CVE-2008-4514. | |||||
| CVE-2007-4941 | 1 Kde | 1 Kmplayer | 2025-04-09 | 7.1 HIGH | N/A |
| KMPlayer 2.9.3.1210 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a .avi file with certain large "indx truck size" and nEntriesInuse values. | |||||
| CVE-2007-1308 | 1 Kde | 1 Konqueror | 2025-04-09 | 4.3 MEDIUM | N/A |
| ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference. | |||||
| CVE-2007-4569 | 1 Kde | 1 Kde | 2025-04-09 | 6.8 MEDIUM | N/A |
| backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and "shutdown with password" is enabled, allows remote attackers to bypass the password requirement and login to arbitrary accounts via unspecified vectors. | |||||
| CVE-2002-0227 | 2 Kde, Kicq | 2 Kde, Kicq | 2025-04-03 | 5.0 MEDIUM | N/A |
| KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message. | |||||
| CVE-2005-2101 | 1 Kde | 1 Kde | 2025-04-03 | 5.0 MEDIUM | N/A |
| langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files. | |||||
| CVE-2006-3672 | 1 Kde | 1 Konqueror | 2025-04-03 | 2.6 LOW | N/A |
| KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demonstrated by calling document.replaceChild with a 0 (zero) argument. | |||||
| CVE-2002-1152 | 1 Kde | 1 Kde | 2025-04-03 | 7.5 HIGH | N/A |
| Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing. | |||||
| CVE-2005-2971 | 1 Kde | 1 Koffice | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file. | |||||
| CVE-2003-0690 | 1 Kde | 1 Kde | 2025-04-03 | 10.0 HIGH | N/A |
| KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module. | |||||