Filtered by vendor Kde
Subscriptions
Total
197 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-1999-1270 | 1 Kde | 1 Kde | 2025-04-03 | N/A |
KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps. | ||||
CVE-1999-0781 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2025-04-03 | N/A |
KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables. | ||||
CVE-1999-0782 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2025-04-03 | N/A |
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable. | ||||
CVE-2004-0886 | 9 Apple, Kde, Libtiff and 6 more | 13 Mac Os X, Mac Os X Server, Kde and 10 more | 2025-04-03 | N/A |
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. | ||||
CVE-2004-1158 | 3 Kde, Mandrakesoft, Redhat | 4 Konqueror, Mandrake Linux, Enterprise Linux and 1 more | 2025-04-03 | N/A |
Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. | ||||
CVE-2005-2101 | 1 Kde | 1 Kde | 2025-04-03 | N/A |
langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files. | ||||
CVE-2006-0019 | 2 Kde, Redhat | 2 Kde, Enterprise Linux | 2025-04-03 | N/A |
Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI. | ||||
CVE-2005-1920 | 3 Debian, Kde, Redhat | 3 Debian Linux, Kde, Enterprise Linux | 2025-04-03 | 7.5 High |
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information. | ||||
CVE-1999-1096 | 1 Kde | 1 Kde | 2025-04-03 | N/A |
Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable. | ||||
CVE-2000-0371 | 1 Kde | 1 Kde | 2025-04-03 | N/A |
The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack. | ||||
CVE-2000-0393 | 1 Kde | 1 Kde | 2025-04-03 | N/A |
The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. | ||||
CVE-2000-0481 | 1 Kde | 1 K-mail | 2025-04-03 | N/A |
Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment with a long file name. | ||||
CVE-1999-1267 | 1 Kde | 1 Kde | 2025-04-03 | N/A |
KDE file manager (kfm) uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server. | ||||
CVE-1999-1106 | 1 Kde | 1 Kde | 2025-04-03 | N/A |
Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument. | ||||
CVE-2004-0721 | 2 Kde, Redhat | 2 Konqueror, Enterprise Linux | 2025-04-03 | N/A |
Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | ||||
CVE-2005-0404 | 2 Kde, Kmail | 2 Kde, Kmail | 2025-04-03 | N/A |
KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email. | ||||
CVE-2006-2933 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Enterprise Linux Desktop | 2025-04-03 | N/A |
kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not properly terminate, which can prevent the screensaver from activating or prevent users from manually locking the desktop. | ||||
CVE-2005-0365 | 2 Kde, Redhat | 2 Kde, Enterprise Linux | 2025-04-03 | N/A |
The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. | ||||
CVE-1999-0735 | 1 Kde | 1 K-mail | 2025-04-03 | N/A |
KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories. | ||||
CVE-1999-1107 | 1 Kde | 1 Kde | 2025-04-03 | N/A |
Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable. |