Filtered by vendor Kde
Subscribe
Total
193 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1152 | 1 Kde | 1 Kde | 2023-12-10 | 7.5 HIGH | N/A |
Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing. | |||||
CVE-2002-1247 | 2 Kde, Lisa | 3 Kde, Klisa, Lisa | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon. | |||||
CVE-1999-1268 | 1 Kde | 1 Kde | 2023-12-10 | 7.2 HIGH | N/A |
Vulnerability in KDE konsole allows local users to hijack or observe sessions of other users by accessing certain devices. | |||||
CVE-1999-1107 | 1 Kde | 1 Kde | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable. | |||||
CVE-2002-1281 | 1 Kde | 1 Kde | 2023-12-10 | 7.5 HIGH | N/A |
Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL. | |||||
CVE-2002-1223 | 1 Kde | 1 Kde | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file. | |||||
CVE-2004-0803 | 9 Apple, Kde, Libtiff and 6 more | 13 Mac Os X, Mac Os X Server, Kde and 10 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. | |||||
CVE-2000-0373 | 1 Kde | 1 Kvt | 2023-12-10 | 7.2 HIGH | N/A |
Vulnerabilities in the KDE kvt terminal program allow local users to gain root privileges. | |||||
CVE-1999-1106 | 1 Kde | 1 Kde | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument. | |||||
CVE-2002-1282 | 1 Kde | 1 Kde | 2023-12-10 | 7.5 HIGH | N/A |
Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL. | |||||
CVE-1999-0782 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable. | |||||
CVE-1999-0780 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2023-12-10 | 4.6 MEDIUM | N/A |
KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file. | |||||
CVE-2003-0370 | 4 Apple, Kde, Redhat and 1 more | 6 Safari, Kde, Konqueror Embedded and 3 more | 2023-12-10 | 7.5 HIGH | N/A |
Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. | |||||
CVE-2003-0256 | 1 Kde | 1 Kopete | 2023-12-10 | 7.5 HIGH | N/A |
The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the command line when executing gpg, which allows remote attackers to execute arbitrary commands. | |||||
CVE-2000-0393 | 1 Kde | 1 Kde | 2023-12-10 | 7.2 HIGH | N/A |
The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. | |||||
CVE-2002-0970 | 1 Kde | 2 Kde, Konqueror | 2023-12-10 | 7.5 HIGH | N/A |
The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack. | |||||
CVE-2004-0721 | 1 Kde | 1 Konqueror | 2023-12-10 | 7.5 HIGH | N/A |
Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | |||||
CVE-2004-0867 | 4 Kde, Microsoft, Mozilla and 1 more | 5 Konqueror, Ie, Internet Explorer and 2 more | 2023-12-10 | 7.5 HIGH | N/A |
Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported that 2.x is also affected. | |||||
CVE-2000-0460 | 1 Kde | 1 Kde | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable. | |||||
CVE-2004-0690 | 1 Kde | 1 Kde | 2023-12-10 | 4.6 MEDIUM | N/A |
The DCOPServer in KDE 3.2.3 and earlier allows local users to gain unauthorized access via a symlink attack on DCOP files in the /tmp directory. |