Total: 70 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0370 | 4 Apple, Kde, Redhat and 1 more | 6 Safari, Kde, Konqueror Embedded and 3 more | 2008-09-10 | 7.5 HIGH | N/A |
Konqueror Embedded and KDE 2.2.2 and earlier do not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. | |||||
CVE-2000-0460 | 1 Kde | 1 Kde | 2008-09-10 | 7.2 HIGH | N/A |
Buffer overflow in KDE kdesud on Linux allows local users to gain privileges via a long DISPLAY environmental variable. | |||||
CVE-2000-0393 | 1 Kde | 1 Kde | 2008-09-10 | 7.2 HIGH | N/A |
The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. | |||||
CVE-2000-0371 | 1 Kde | 1 Kde | 2008-09-10 | 1.2 LOW | N/A |
The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack. | |||||
CVE-2005-2101 | 1 Kde | 1 Kde | 2008-09-05 | 5.0 MEDIUM | N/A |
langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files. | |||||
CVE-2005-0404 | 2 Kde, Kmail | 2 Kde, Kmail | 2008-09-05 | 5.0 MEDIUM | N/A |
KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email. | |||||
CVE-2005-0011 | 1 Kde | 1 Kde | 2008-09-05 | 10.0 HIGH | N/A |
Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-based buffer overflows. | |||||
CVE-2002-2333 | 1 Kde | 1 Kde | 2008-09-05 | 5.0 MEDIUM | N/A |
Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. | |||||
CVE-2002-1223 | 1 Kde | 1 Kde | 2008-09-05 | 7.5 HIGH | N/A |
Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file. | |||||
CVE-2002-1224 | 1 Kde | 1 Kde | 2008-09-05 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter. | |||||