| Max CVSS | 7.2 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-14744 | 5.1 |
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated
|
28-02-2023 - 18:26 | 07-08-2019 - 15:15 | |
| CVE-2011-1168 | 4.3 |
Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an u
|
13-02-2023 - 04:29 | 18-04-2011 - 18:55 | |
| CVE-2011-3365 | 4.3 |
The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certific
|
13-02-2023 - 00:19 | 29-11-2011 - 17:55 | |
| CVE-2017-8422 | 7.2 |
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.
|
03-10-2019 - 00:03 | 17-05-2017 - 14:29 | |
| CVE-2018-6790 | 5.0 |
An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG eleme
|
06-08-2019 - 17:15 | 07-02-2018 - 02:29 | |
| CVE-2012-4513 | 6.4 |
khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read
|
12-11-2012 - 20:57 | 11-11-2012 - 13:00 |