Kde

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2006-6660 1Kde 1Libkhtml Apr 23, 2026 Dec 20, 2006 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The nodeType function in KDE libkhtml 4.2.0 and earlier, as used by Konquerer, KMail, and other programs, allows remote attackers to cause a denial of service (crash) via malformed HTML tags, possibly involving a COL SPA...Show more The nodeType function in KDE libkhtml 4.2.0 and earlier, as used by Konquerer, KMail, and other programs, allows remote attackers to cause a denial of service (crash) via malformed HTML tags, possibly involving a COL SPAN tag embedded in a RANGE tag.Show less
CVE-2006-6297 1Kde 1Kdegraphics Apr 23, 2026 Dec 5, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Stack consumption vulnerability in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics 3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service (stack consumption...Show more Stack consumption vulnerability in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics 3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service (stack consumption) via a crafted EXIF section in a JPEG file, which results in an infinite recursion.Show less
CVE-2006-6120 1Kde 1Koffice Apr 23, 2026 Dec 3, 2006 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Integer overflow in the KPresenter import filter for Microsoft PowerPoint files (filters/olefilters/lib/klaola.cc) in KOffice before 1.6.1 allows user-assisted remote attackers to execute arbitrary code via a crafted PPT...Show more Integer overflow in the KPresenter import filter for Microsoft PowerPoint files (filters/olefilters/lib/klaola.cc) in KOffice before 1.6.1 allows user-assisted remote attackers to execute arbitrary code via a crafted PPT file, which results in a heap-based buffer overflow.Show less
CVE-2006-3742 1Kde 1Kdebase Apr 16, 2026 Sep 6, 2006 N/A· v4 N/A· v3 10.0 HIGH· v2 The KDE PAM configuration shipped with Fedora Core 5 causes KDM passwords to be cached, which allows attackers to login without a password by attempting to log in multiple times.
CVE-2006-2933 2Kde Redhat 3Enterprise Linux Enterprise Linux DesktopKde Apr 16, 2026 Jul 27, 2006 N/A· v4 N/A· v3 4.6 MEDIUM· v2 kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not properly terminate, which can prevent the screensaver from activating or prevent users from manually locking the desktop.
CVE-2006-3672 1Kde 1Konqueror Apr 16, 2026 Jul 18, 2006 N/A· v4 N/A· v3 2.6 LOW· v2 KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demonstrated by calling d...Show more KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demonstrated by calling document.replaceChild with a 0 (zero) argument.Show less
CVE-2006-2916 1Kde 1Arts Apr 16, 2026 Jun 15, 2006 N/A· v4 7.8 HIGH· v3 6.0 MEDIUM· v2 artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, whi...Show more artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.Show less
CVE-2006-2449 1Kde 1Kde Apr 16, 2026 Jun 15, 2006 N/A· v4 N/A· v3 4.0 MEDIUM· v2 KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login.
CVE-2006-0019 1Kde 1Kde Apr 16, 2026 Jan 20, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI.
CVE-2005-4684 1Kde 1Konqueror Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 6.4 MEDIUM· v2 Konqueror can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via searc...Show more Konqueror can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a cookie for an expanded hostname, as demonstrated by an attacker who operates an ap1.com Internet web site to steal cookies associated with an ap1.com.example.com intranet web site.Show less
CVE-2005-3626 18Conectiva DebianEasy Software Products+15 more 33Cups Debian LinuxEnterprise Linux+30 more Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null derefer...Show more Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.Show less
CVE-2005-3625 18Conectiva DebianEasy Software Products+15 more 33Cups Debian LinuxEnterprise Linux+30 more Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated usi...Show more Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."Show less
CVE-2005-3624 18Conectiva DebianEasy Software Products+15 more 33Cups Debian LinuxEnterprise Linux+30 more Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDe...Show more The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.Show less
CVE-2005-2971 1Kde 1Koffice Apr 16, 2026 Oct 20, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file.
CVE-2005-2494 1Kde 1Kde Apr 16, 2026 Sep 6, 2005 N/A· v4 N/A· v3 7.2 HIGH· v2 kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root access via a symlink attack on lock files.
CVE-2005-2101 1Kde 1Kde Apr 16, 2026 Aug 17, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files.
CVE-2005-2097 2Kde Xpdf 2Kpdf Xpdf Apr 16, 2026 Aug 16, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temp...Show more xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.Show less
CVE-2005-1920 2Debian Kde 2Debian Linux Kde Apr 16, 2026 Jul 26, 2005 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote atta...Show more The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.Show less
CVE-2005-1852 4Centericq EkgKadu+1 more 4Centericq EkgKadu+1 more Apr 16, 2026 Jul 26, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly...Show more Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.Show less
CVE-2005-1046 1Kde 1Kde Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file.

Previous 1...567...10 Next