Vendor CVEs
KDE
All CVEs
223 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-3100 | Hig | 0.55 | 8.4 | 0.00 | Jul 13, 2016 | kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file. | ||
| CVE-2017-8422 | Hig | 0.54 | 7.8 | 0.02 | May 17, 2017 | KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app. | ||
| CVE-2025-49091 | Hig | 0.53 | 8.2 | 0.01 | Jun 11, 2025 | KDE Konsole before 25.04.2 allows remote code execution in a certain scenario. It supports loading URLs from the scheme handlers such as a ssh:// or telnet:// or rlogin:// URL. This can be executed regardless of whether the ssh, telnet, or rlogin binary is available. In this… | ||
| CVE-2016-7967 | Hig | 0.53 | 8.1 | 0.02 | Dec 23, 2016 | KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. Since the generated html is executed in the local file security context by default access to remote and local URLs was enabled. | ||
| CVE-2018-10380 | Hig | 0.51 | 7.8 | 0.00 | May 8, 2018 | kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary files via a symlink attack. | ||
| CVE-2017-5330 | Hig | 0.51 | 7.8 | 0.03 | Mar 27, 2017 | ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications. | ||
| CVE-2006-2916 | Hig | 0.51 | 7.8 | 0.00 | Jun 15, 2006 | artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges. | ||
| CVE-2017-15923 | Hig | 0.49 | 7.5 | 0.03 | Nov 15, 2017 | Konversation 1.4.x, 1.5.x, 1.6.x, and 1.7.x before 1.7.3 allow remote attackers to cause a denial of service (crash) via vectors related to parsing of IRC color formatting codes. | ||
| CVE-2017-9604 | Hig | 0.49 | 7.5 | 0.01 | Jun 13, 2017 | KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the… | ||
| CVE-2016-6232 | Hig | 0.49 | 7.5 | 0.04 | Aug 2, 2016 | Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads. | ||
| CVE-2005-1920 | Hig | 0.49 | 7.5 | 0.04 | Jul 26, 2005 | The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information. | ||
| CVE-2016-7966 | Hig | 0.48 | 7.3 | 0.02 | Dec 23, 2016 | Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which greatly reduces the available… | ||
| CVE-2023-52723 | Hig | 0.46 | 7.1 | 0.01 | Apr 29, 2024 | In KDE libksieve before 23.03.80, kmanagesieve/session.cpp places a cleartext password in server logs because a username variable is accidentally given a password value. | ||
| CVE-2015-7543 | Hig | 0.46 | 7.0 | 0.00 | Jul 25, 2017 | aRts 1.5.10 and kdelibs3 3.5.10 and earlier do not properly create temporary directories, which allows local users to hijack the IPC by pre-creating the temporary directory. | ||
| CVE-2006-6811 | Med | 0.46 | 6.5 | 0.10 | Dec 29, 2006 | KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference. NOTE: this issue was originally reported as a… | ||
| CVE-2004-0689 | Hig | 0.46 | 7.1 | 0.00 | Sep 28, 2004 | KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files. | ||
| CVE-2026-41527 | Med | 0.45 | 6.9 | 0.00 | Apr 21, 2026 | KDE Kleopatra before 26.08.0 on Windows allows local users to obtain the privileges of a Kleopatra user, because there is an error in the mechanism (KUniqueService) for ensuring that only one instance is running. | ||
| CVE-2025-59820 | Med | 0.44 | 6.7 | 0.00 | Nov 26, 2025 | In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kis_tga_import.cpp (aka KisTgaImport). Control flow proceeds even when a number of pixels becomes negative. | ||
| CVE-2018-6791 | Med | 0.44 | 6.8 | 0.01 | Feb 7, 2018 | An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a… | ||
| CVE-2016-2312 | Med | 0.44 | 6.8 | 0.00 | Dec 23, 2016 | Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again. | ||
| CVE-2026-45184 | Med | 0.42 | 6.5 | 0.00 | May 9, 2026 | Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used. | ||
| CVE-2016-7968 | Med | 0.42 | 6.5 | 0.01 | Dec 23, 2016 | KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. HTML Mail contents were not sanitized for JavaScript and included code was executed. | ||
| CVE-2024-50624 | Med | 0.38 | 5.9 | 0.00 | Oct 28, 2024 | ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of an attacker-controlled mail server because cleartext HTTP is used for a URL such as http://autoconfig.example.com or http://example.com/.well-known/autoconfig for retrieving the… | ||
| CVE-2014-8878 | Med | 0.38 | 5.9 | 0.01 | Sep 28, 2017 | KDE KMail does not encrypt attachments in emails when "automatic encryption" is enabled, which allows remote attackers to obtain sensitive information by sniffing the network. | ||
| CVE-2018-1000801 | Med | 0.36 | 5.5 | 0.02 | Sep 6, 2018 | okular version 18.08 and earlier contains a Directory Traversal vulnerability in function "unpackDocumentArchive(...)" in "core/document.cpp" that can result in Arbitrary file creation on the user workstation. This attack appear to be exploitable via he victim must open a… | ||
| CVE-2017-6410 | Med | 0.36 | 5.5 | 0.01 | Mar 2, 2017 | kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote attackers to obtain sensitive information… | ||
| CVE-2026-41526 | Med | 0.35 | 6.5 | 0.00 | Apr 28, 2026 | In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a… | ||
| CVE-2026-41525 | Med | 0.35 | 6.5 | 0.00 | Apr 28, 2026 | KDE Dolphin before 25.12.3 allows applications in a Flatpak (or with AppArmor confinement) to open folders outside of the application sandbox without additional scrutiny. Dolphin's implementation of the FileManager1 protocol allows the path given to be any type of file,… | ||
| CVE-2018-6790 | Med | 0.35 | 5.3 | 0.02 | Feb 7, 2018 | An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element. | ||
| CVE-2016-7787 | Med | 0.32 | 4.9 | 0.02 | Dec 23, 2016 | A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user. | ||
| CVE-2025-32898 | Med | 0.31 | 4.7 | 0.00 | Dec 5, 2025 | The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore allows brute-force attacks. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and… | ||
| CVE-2025-32900 | Med | 0.28 | 4.3 | 0.00 | Dec 5, 2025 | In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information about a device, because broadcast UDP is used. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE… | ||
| CVE-2025-32901 | Med | 0.28 | 4.3 | 0.00 | Dec 5, 2025 | In KDE Connect before 1.33.0 on Android, malicious device IDs (sent via broadcast UDP) could cause an application crash. | ||
| CVE-2025-32899 | Med | 0.28 | 4.3 | 0.00 | Dec 5, 2025 | In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to unpair. Specifically, it is an invalid discovery packet sent over broadcast UDP. | ||
| CVE-2026-42095 | Med | 0.26 | 4.0 | 0.00 | Apr 24, 2026 | bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL. | ||
| CVE-2024-57966 | Med | 0.26 | 5.0 | 0.00 | Feb 3, 2025 | libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive. | ||
| CVE-2025-66270 | Med | 0.24 | 4.7 | 0.00 | Dec 5, 2025 | The KDE Connect protocol 8 before 2025-11-28 does not correlate device IDs across two packets. This affects KDE Connect before 25.12 on desktop, KDE Connect before 0.5.4 on iOS, KDE Connect before 1.34.4 on Android, GSConnect before 68, and Valent before 1.0.0.alpha.49. | ||
| CVE-2025-69412 | Low | 0.22 | 3.4 | 0.00 | Jan 1, 2026 | KDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe Browsing Lookup API (aka phishing API), which might allow spoofing of threat data. NOTE: this Lookup API is not contacted in the messagelib default configuration. | ||
| CVE-2025-55174 | Low | 0.14 | 3.2 | 0.00 | Nov 26, 2025 | In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly. | ||
| CVE-2012-3456 | 0.05 | — | 0.20 | Aug 20, 2012 | Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in Calligra 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted… | |||
| CVE-2012-4512 | 0.04 | — | 0.12 | Feb 8, 2020 | The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion." | |||
| CVE-2012-4515 | 0.04 | — | 0.06 | Nov 11, 2012 | Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated. | |||
| CVE-2012-4514 | 0.04 | — | 0.10 | Nov 11, 2012 | rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted web page, related to "trying to reuse a frame with a null part." | |||
| CVE-2012-4513 | 0.04 | — | 0.13 | Nov 11, 2012 | khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read. | |||
| CVE-2008-4514 | 0.04 | — | 0.08 | Oct 9, 2008 | The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via a font tag with a long color value, which triggers an assertion error. | |||
| CVE-2007-1308 | 0.04 | — | 0.08 | Mar 7, 2007 | ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference. | |||
| CVE-2006-3672 | 0.04 | — | 0.07 | Jul 18, 2006 | KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demonstrated by calling document.replaceChild with a 0 (zero) argument. | |||
| CVE-2004-1491 | 0.04 | — | 0.13 | Dec 31, 2004 | Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. | |||
| CVE-2002-1224 | 0.04 | — | 0.09 | Oct 28, 2002 | Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter. | |||
| CVE-2000-0491 | 0.04 | — | 0.18 | May 24, 2000 | Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request. |
- risk 0.55cvss 8.4epss 0.00
kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file.
- risk 0.54cvss 7.8epss 0.02
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.
- risk 0.53cvss 8.2epss 0.01
KDE Konsole before 25.04.2 allows remote code execution in a certain scenario. It supports loading URLs from the scheme handlers such as a ssh:// or telnet:// or rlogin:// URL. This can be executed regardless of whether the ssh, telnet, or rlogin binary is available. In this…
- risk 0.53cvss 8.1epss 0.02
KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. Since the generated html is executed in the local file security context by default access to remote and local URLs was enabled.
- risk 0.51cvss 7.8epss 0.00
kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary files via a symlink attack.
- risk 0.51cvss 7.8epss 0.03
ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications.
- risk 0.51cvss 7.8epss 0.00
artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.
- risk 0.49cvss 7.5epss 0.03
Konversation 1.4.x, 1.5.x, 1.6.x, and 1.7.x before 1.7.3 allow remote attackers to cause a denial of service (crash) via vectors related to parsing of IRC color formatting codes.
- risk 0.49cvss 7.5epss 0.01
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the…
- risk 0.49cvss 7.5epss 0.04
Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads.
- risk 0.49cvss 7.5epss 0.04
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.
- risk 0.48cvss 7.3epss 0.02
Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which greatly reduces the available…
- risk 0.46cvss 7.1epss 0.01
In KDE libksieve before 23.03.80, kmanagesieve/session.cpp places a cleartext password in server logs because a username variable is accidentally given a password value.
- risk 0.46cvss 7.0epss 0.00
aRts 1.5.10 and kdelibs3 3.5.10 and earlier do not properly create temporary directories, which allows local users to hijack the IPC by pre-creating the temporary directory.
- risk 0.46cvss 6.5epss 0.10
KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference. NOTE: this issue was originally reported as a…
- risk 0.46cvss 7.1epss 0.00
KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.
- risk 0.45cvss 6.9epss 0.00
KDE Kleopatra before 26.08.0 on Windows allows local users to obtain the privileges of a Kleopatra user, because there is an error in the mechanism (KUniqueService) for ensuring that only one instance is running.
- risk 0.44cvss 6.7epss 0.00
In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kis_tga_import.cpp (aka KisTgaImport). Control flow proceeds even when a number of pixels becomes negative.
- risk 0.44cvss 6.8epss 0.01
An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a…
- risk 0.44cvss 6.8epss 0.00
Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again.
- risk 0.42cvss 6.5epss 0.00
Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used.
- risk 0.42cvss 6.5epss 0.01
KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. HTML Mail contents were not sanitized for JavaScript and included code was executed.
- risk 0.38cvss 5.9epss 0.00
ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of an attacker-controlled mail server because cleartext HTTP is used for a URL such as http://autoconfig.example.com or http://example.com/.well-known/autoconfig for retrieving the…
- risk 0.38cvss 5.9epss 0.01
KDE KMail does not encrypt attachments in emails when "automatic encryption" is enabled, which allows remote attackers to obtain sensitive information by sniffing the network.
- risk 0.36cvss 5.5epss 0.02
okular version 18.08 and earlier contains a Directory Traversal vulnerability in function "unpackDocumentArchive(...)" in "core/document.cpp" that can result in Arbitrary file creation on the user workstation. This attack appear to be exploitable via he victim must open a…
- risk 0.36cvss 5.5epss 0.01
kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote attackers to obtain sensitive information…
- risk 0.35cvss 6.5epss 0.00
In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a…
- risk 0.35cvss 6.5epss 0.00
KDE Dolphin before 25.12.3 allows applications in a Flatpak (or with AppArmor confinement) to open folders outside of the application sandbox without additional scrutiny. Dolphin's implementation of the FileManager1 protocol allows the path given to be any type of file,…
- risk 0.35cvss 5.3epss 0.02
An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element.
- risk 0.32cvss 4.9epss 0.02
A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user.
- risk 0.31cvss 4.7epss 0.00
The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore allows brute-force attacks. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and…
- risk 0.28cvss 4.3epss 0.00
In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information about a device, because broadcast UDP is used. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE…
- risk 0.28cvss 4.3epss 0.00
In KDE Connect before 1.33.0 on Android, malicious device IDs (sent via broadcast UDP) could cause an application crash.
- risk 0.28cvss 4.3epss 0.00
In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to unpair. Specifically, it is an invalid discovery packet sent over broadcast UDP.
- risk 0.26cvss 4.0epss 0.00
bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL.
- risk 0.26cvss 5.0epss 0.00
libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive.
- risk 0.24cvss 4.7epss 0.00
The KDE Connect protocol 8 before 2025-11-28 does not correlate device IDs across two packets. This affects KDE Connect before 25.12 on desktop, KDE Connect before 0.5.4 on iOS, KDE Connect before 1.34.4 on Android, GSConnect before 68, and Valent before 1.0.0.alpha.49.
- risk 0.22cvss 3.4epss 0.00
KDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe Browsing Lookup API (aka phishing API), which might allow spoofing of threat data. NOTE: this Lookup API is not contacted in the messagelib default configuration.
- risk 0.14cvss 3.2epss 0.00
In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly.
- CVE-2012-3456Aug 20, 2012risk 0.05cvss —epss 0.20
Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in Calligra 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted…
- CVE-2012-4512Feb 8, 2020risk 0.04cvss —epss 0.12
The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."
- CVE-2012-4515Nov 11, 2012risk 0.04cvss —epss 0.06
Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated.
- CVE-2012-4514Nov 11, 2012risk 0.04cvss —epss 0.10
rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted web page, related to "trying to reuse a frame with a null part."
- CVE-2012-4513Nov 11, 2012risk 0.04cvss —epss 0.13
khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.
- CVE-2008-4514Oct 9, 2008risk 0.04cvss —epss 0.08
The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via a font tag with a long color value, which triggers an assertion error.
- CVE-2007-1308Mar 7, 2007risk 0.04cvss —epss 0.08
ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference.
- CVE-2006-3672Jul 18, 2006risk 0.04cvss —epss 0.07
KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demonstrated by calling document.replaceChild with a 0 (zero) argument.
- CVE-2004-1491Dec 31, 2004risk 0.04cvss —epss 0.13
Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.
- CVE-2002-1224Oct 28, 2002risk 0.04cvss —epss 0.09
Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter.
- CVE-2000-0491May 24, 2000risk 0.04cvss —epss 0.18
Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request.
Page 1 of 5