Vulnerabilities (CVE)

Filtered by vendor Kde Subscribe
Total 195 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0227 2 Kde, Kicq 2 Kde, Kicq 2025-04-03 5.0 MEDIUM N/A
KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message.
CVE-2005-1852 4 Centericq, Ekg, Kadu and 1 more 4 Centericq, Ekg, Kadu and 1 more 2025-04-03 7.5 HIGH N/A
Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.
CVE-2006-0019 1 Kde 1 Kde 2025-04-03 7.5 HIGH N/A
Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI.
CVE-2001-0782 1 Kde 1 Ktv 2025-04-03 7.2 HIGH N/A
KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file.
CVE-2002-0342 1 Kde 1 K-mail 2025-04-03 5.0 MEDIUM N/A
Kmail 1.2 on KDE 2.1.1 allows remote attackers to cause a denial of service (crash) via an email message whose body is approximately 55 K long.
CVE-1999-1268 1 Kde 1 Kde 2025-04-03 7.2 HIGH N/A
Vulnerability in KDE konsole allows local users to hijack or observe sessions of other users by accessing certain devices.
CVE-2002-1223 1 Kde 1 Kde 2025-04-03 7.5 HIGH N/A
Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file.
CVE-2005-3625 18 Conectiva, Debian, Easy Software Products and 15 more 33 Linux, Debian Linux, Cups and 30 more 2025-04-03 10.0 HIGH N/A
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
CVE-2004-1158 3 Kde, Mandrakesoft, Redhat 3 Konqueror, Mandrake Linux, Fedora Core 2025-04-03 7.5 HIGH N/A
Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.
CVE-2005-0206 15 Ascii, Cstex, Debian and 12 more 22 Ptex, Cstetex, Debian Linux and 19 more 2025-04-03 7.5 HIGH N/A
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
CVE-2002-1306 1 Kde 1 Kde 2025-04-03 7.5 HIGH N/A
Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain "lan://" URL.
CVE-2004-0411 1 Kde 1 Konqueror 2025-04-03 7.5 HIGH N/A
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files or execute arbitrary code.
CVE-2002-1224 1 Kde 1 Kde 2025-04-03 5.0 MEDIUM N/A
Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter.
CVE-2005-0078 3 Debian, Kde, Redhat 5 Debian Linux, Kde, Enterprise Linux and 2 more 2025-04-03 4.6 MEDIUM N/A
The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session.
CVE-1999-0781 3 Freebsd, Kde, Linux 3 Freebsd, Kde, Linux Kernel 2025-04-03 7.2 HIGH N/A
KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.
CVE-2002-1282 1 Kde 1 Kde 2025-04-03 7.5 HIGH N/A
Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL.
CVE-2004-0866 4 Kde, Microsoft, Mozilla and 1 more 5 Konqueror, Ie, Internet Explorer and 2 more 2025-04-03 7.5 HIGH N/A
Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.
CVE-2000-0481 1 Kde 1 K-mail 2025-04-03 5.0 MEDIUM N/A
Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment with a long file name.
CVE-2005-0011 1 Kde 1 Kde 2025-04-03 10.0 HIGH N/A
Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-based buffer overflows.
CVE-2004-1165 1 Kde 2 Kdelibs, Konqueror 2025-04-03 7.5 HIGH N/A
Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command.