Total
69 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-2449 | 1 Kde | 1 Kde | 2025-04-03 | 4.0 MEDIUM | N/A |
| KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login. | |||||
| CVE-2005-0404 | 2 Kde, Kmail | 2 Kde, Kmail | 2025-04-03 | 5.0 MEDIUM | N/A |
| KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email. | |||||
| CVE-2005-0011 | 1 Kde | 1 Kde | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-based buffer overflows. | |||||
| CVE-2004-0889 | 11 Debian, Easy Software Products, Gentoo and 8 more | 16 Debian Linux, Cups, Linux and 13 more | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. | |||||
| CVE-1999-0781 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2025-04-03 | 7.2 HIGH | N/A |
| KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables. | |||||
| CVE-2000-0460 | 1 Kde | 1 Kde | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable. | |||||
| CVE-2000-0530 | 2 Caldera, Kde | 2 Openlinux, Kde | 2025-04-03 | 7.2 HIGH | N/A |
| The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files. | |||||
| CVE-2002-1306 | 1 Kde | 1 Kde | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain "lan://" URL. | |||||
| CVE-2000-0371 | 1 Kde | 1 Kde | 2025-04-03 | 1.2 LOW | N/A |
| The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack. | |||||
| CVE-2005-0206 | 15 Ascii, Cstex, Debian and 12 more | 22 Ptex, Cstetex, Debian Linux and 19 more | 2025-04-03 | 7.5 HIGH | N/A |
| The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. | |||||
| CVE-2005-1046 | 1 Kde | 1 Kde | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file. | |||||
| CVE-2006-2933 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Enterprise Linux Desktop | 2025-04-03 | 4.6 MEDIUM | N/A |
| kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not properly terminate, which can prevent the screensaver from activating or prevent users from manually locking the desktop. | |||||
| CVE-2005-0205 | 2 Bernd Wuebben, Kde | 2 Kppp, Kde | 2025-04-03 | 4.6 MEDIUM | N/A |
| KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of file descriptors before executing kppp. | |||||
| CVE-2002-1247 | 2 Kde, Lisa | 3 Kde, Klisa, Lisa | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon. | |||||
| CVE-1999-0782 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable. | |||||
| CVE-2002-0970 | 1 Kde | 2 Kde, Konqueror | 2025-04-03 | 7.5 HIGH | N/A |
| The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack. | |||||
| CVE-2004-0689 | 2 Debian, Kde | 2 Debian Linux, Kde | 2025-04-03 | 4.6 MEDIUM | 7.1 HIGH |
| KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files. | |||||
| CVE-2004-1491 | 4 Gentoo, Kde, Opera and 1 more | 4 Linux, Kde, Opera Browser and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. | |||||
| CVE-2002-1282 | 1 Kde | 1 Kde | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL. | |||||
| CVE-2000-0393 | 1 Kde | 1 Kde | 2025-04-03 | 7.2 HIGH | N/A |
| The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. | |||||