Kde

kde

Vendor: Kde • 66 CVEs

CVEs (66)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2012-4512 2Kde Redhat 5Enterprise Linux Enterprise Linux DesktopEnterprise Linux Server Eus+2 more Nov 21, 2024 Feb 8, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."
CVE-2012-4515 1Kde 1Kde Apr 29, 2026 Nov 11, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary c...Show more Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated.Show less
CVE-2012-4514 1Kde 1Kde Apr 29, 2026 Nov 11, 2012 N/A· v4 N/A· v3 5.0 MEDIUM· v2 rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted web page, related to "trying to reuse a frame with a null part....Show more rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted web page, related to "trying to reuse a frame with a null part."Show less
CVE-2012-4513 1Kde 1Kde Apr 29, 2026 Nov 11, 2012 N/A· v4 N/A· v3 6.4 MEDIUM· v2 khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and...Show more khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.Show less
CVE-2008-1671 1Kde 1Kde Apr 23, 2026 Apr 28, 2008 N/A· v4 N/A· v3 4.6 MEDIUM· v2 start_kdeinit in KDE 3.5.5 through 3.5.9, when installed setuid root, allows local users to cause a denial of service and possibly execute arbitrary code via "user-influenceable input" (probably command-line arguments) t...Show more start_kdeinit in KDE 3.5.5 through 3.5.9, when installed setuid root, allows local users to cause a denial of service and possibly execute arbitrary code via "user-influenceable input" (probably command-line arguments) that cause start_kdeinit to send SIGUSR1 signals to other processes.Show less
CVE-2008-1670 1Kde 1Kde Apr 23, 2026 Apr 28, 2008 N/A· v4 N/A· v3 9.3 HIGH· v2 Heap-based buffer overflow in the progressive PNG Image loader (decoders/pngloader.cpp) in KHTML in KDE 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code v...Show more Heap-based buffer overflow in the progressive PNG Image loader (decoders/pngloader.cpp) in KHTML in KDE 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted image.Show less
CVE-2007-5963 1Kde 1Kde Apr 23, 2026 Dec 19, 2007 N/A· v4 N/A· v3 4.7 MEDIUM· v2 Unspecified vulnerability in kdebase allows local users to cause a denial of service (KDM login inaccessible, or resource consumption) via unknown vectors.
CVE-2007-4569 1Kde 1Kde Apr 23, 2026 Sep 21, 2007 N/A· v4 N/A· v3 6.8 MEDIUM· v2 backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and "shutdown with password" is enabled, allows remote attackers to bypass the password requirement and login to arbitrary accounts via un...Show more backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and "shutdown with password" is enabled, allows remote attackers to bypass the password requirement and login to arbitrary accounts via unspecified vectors.Show less
CVE-2007-0104 2Kde Xpdf 2Kde Xpdf Apr 23, 2026 Jan 9, 2007 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including...Show more The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.Show less
CVE-2006-2933 2Kde Redhat 3Enterprise Linux Enterprise Linux DesktopKde Apr 16, 2026 Jul 27, 2006 N/A· v4 N/A· v3 4.6 MEDIUM· v2 kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not properly terminate, which can prevent the screensaver from activating or prevent users from manually locking the desktop.
CVE-2006-2449 1Kde 1Kde Apr 16, 2026 Jun 15, 2006 N/A· v4 N/A· v3 4.0 MEDIUM· v2 KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login.
CVE-2006-0019 1Kde 1Kde Apr 16, 2026 Jan 20, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI.
CVE-2005-2494 1Kde 1Kde Apr 16, 2026 Sep 6, 2005 N/A· v4 N/A· v3 7.2 HIGH· v2 kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root access via a symlink attack on lock files.
CVE-2005-2101 1Kde 1Kde Apr 16, 2026 Aug 17, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files.
CVE-2005-1920 2Debian Kde 2Debian Linux Kde Apr 16, 2026 Jul 26, 2005 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote atta...Show more The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.Show less
CVE-2005-1852 4Centericq EkgKadu+1 more 4Centericq EkgKadu+1 more Apr 16, 2026 Jul 26, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly...Show more Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.Show less
CVE-2005-1046 1Kde 1Kde Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file.
CVE-2005-0404 2Kde Kmail 2Kde Kmail Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email.
CVE-2005-0365 1Kde 1Kde Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
CVE-2005-0237 1Kde 2Kde Konqueror Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that us...Show more The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.Show less

12 3 4 Next