Filtered by vendor Kde Subscriptions
Total 197 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-1999-1270 1 Kde 1 Kde 2025-04-03 N/A
KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps.
CVE-1999-0781 3 Freebsd, Kde, Linux 3 Freebsd, Kde, Linux Kernel 2025-04-03 N/A
KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.
CVE-1999-0782 3 Freebsd, Kde, Linux 3 Freebsd, Kde, Linux Kernel 2025-04-03 N/A
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.
CVE-2004-0886 9 Apple, Kde, Libtiff and 6 more 13 Mac Os X, Mac Os X Server, Kde and 10 more 2025-04-03 N/A
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
CVE-2004-1158 3 Kde, Mandrakesoft, Redhat 4 Konqueror, Mandrake Linux, Enterprise Linux and 1 more 2025-04-03 N/A
Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.
CVE-2005-2101 1 Kde 1 Kde 2025-04-03 N/A
langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files.
CVE-2006-0019 2 Kde, Redhat 2 Kde, Enterprise Linux 2025-04-03 N/A
Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI.
CVE-2005-1920 3 Debian, Kde, Redhat 3 Debian Linux, Kde, Enterprise Linux 2025-04-03 7.5 High
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.
CVE-1999-1096 1 Kde 1 Kde 2025-04-03 N/A
Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable.
CVE-2000-0371 1 Kde 1 Kde 2025-04-03 N/A
The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack.
CVE-2000-0393 1 Kde 1 Kde 2025-04-03 N/A
The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute.
CVE-2000-0481 1 Kde 1 K-mail 2025-04-03 N/A
Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment with a long file name.
CVE-1999-1267 1 Kde 1 Kde 2025-04-03 N/A
KDE file manager (kfm) uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server.
CVE-1999-1106 1 Kde 1 Kde 2025-04-03 N/A
Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument.
CVE-2004-0721 2 Kde, Redhat 2 Konqueror, Enterprise Linux 2025-04-03 N/A
Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
CVE-2005-0404 2 Kde, Kmail 2 Kde, Kmail 2025-04-03 N/A
KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email.
CVE-2006-2933 2 Kde, Redhat 3 Kde, Enterprise Linux, Enterprise Linux Desktop 2025-04-03 N/A
kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not properly terminate, which can prevent the screensaver from activating or prevent users from manually locking the desktop.
CVE-2005-0365 2 Kde, Redhat 2 Kde, Enterprise Linux 2025-04-03 N/A
The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
CVE-1999-0735 1 Kde 1 K-mail 2025-04-03 N/A
KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories.
CVE-1999-1107 1 Kde 1 Kde 2025-04-03 N/A
Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable.