Export limit exceeded: 366908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 366908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 366908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (117 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-45184 | 1 Kde | 1 Kdenlive | 2026-05-11 | 6.5 Medium |
| Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used. | ||||
| CVE-2009-4035 | 4 Gnome, Kde, Redhat and 1 more | 5 Gpdf, Kdegraphics, Kpdf and 2 more | 2026-04-23 | N/A |
| The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a crafted Type 1 font that can produce a negative value, leading to a signed-to-unsigned integer conversion error and a buffer overflow. | ||||
| CVE-2008-1671 | 1 Kde | 1 Kde | 2026-04-23 | N/A |
| start_kdeinit in KDE 3.5.5 through 3.5.9, when installed setuid root, allows local users to cause a denial of service and possibly execute arbitrary code via "user-influenceable input" (probably command-line arguments) that cause start_kdeinit to send SIGUSR1 signals to other processes. | ||||
| CVE-2009-2702 | 1 Kde | 1 Kdelibs | 2026-04-23 | N/A |
| KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. | ||||
| CVE-2008-1670 | 1 Kde | 1 Kde | 2026-04-23 | N/A |
| Heap-based buffer overflow in the progressive PNG Image loader (decoders/pngloader.cpp) in KHTML in KDE 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted image. | ||||
| CVE-2008-5698 | 1 Kde | 2 Kde, Konqueror | 2026-04-23 | N/A |
| HTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 allows remote attackers to cause a denial of service (application crash) via an invalid document.load call that triggers use of a deleted object. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-5963 | 1 Kde | 1 Kde | 2026-04-23 | N/A |
| Unspecified vulnerability in kdebase allows local users to cause a denial of service (KDM login inaccessible, or resource consumption) via unknown vectors. | ||||
| CVE-2007-4569 | 2 Kde, Redhat | 2 Kde, Enterprise Linux | 2026-04-23 | N/A |
| backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and "shutdown with password" is enabled, allows remote attackers to bypass the password requirement and login to arbitrary accounts via unspecified vectors. | ||||
| CVE-2006-7139 | 1 Kde | 2 K-mail, Kde | 2026-04-23 | N/A |
| Kmail 1.9.1 on KDE 3.5.2, with "Prefer HTML to Plain Text" enabled, allows remote attackers to cause a denial of service (crash) via an HTML e-mail with certain table and frameset tags that trigger a segmentation fault, possibly involving invalid free or delete operations. | ||||
| CVE-2007-0104 | 2 Kde, Xpdf | 2 Kde, Xpdf | 2026-04-23 | N/A |
| The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node. | ||||
| CVE-2006-6297 | 1 Kde | 1 Kdegraphics | 2026-04-23 | N/A |
| Stack consumption vulnerability in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics 3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service (stack consumption) via a crafted EXIF section in a JPEG file, which results in an infinite recursion. | ||||
| CVE-2002-1151 | 2 Kde, Redhat | 4 Kde, Konqueror, Enterprise Linux and 1 more | 2026-04-16 | N/A |
| The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains. | ||||
| CVE-2000-0371 | 1 Kde | 1 Kde | 2026-04-16 | N/A |
| The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack. | ||||
| CVE-2002-1152 | 2 Kde, Redhat | 2 Kde, Linux | 2026-04-16 | N/A |
| Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing. | ||||
| CVE-2002-0970 | 2 Kde, Redhat | 4 Kde, Konqueror, Enterprise Linux and 1 more | 2026-04-16 | N/A |
| The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack. | ||||
| CVE-2002-0227 | 2 Kde, Kicq | 2 Kde, Kicq | 2026-04-16 | N/A |
| KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message. | ||||
| CVE-1999-1096 | 1 Kde | 1 Kde | 2026-04-16 | N/A |
| Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable. | ||||
| CVE-1999-0780 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2026-04-16 | N/A |
| KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file. | ||||
| CVE-2001-0610 | 2 Kde, Suse | 2 Kde, Suse Linux | 2026-04-16 | N/A |
| kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp. | ||||
| CVE-2000-0530 | 2 Caldera, Kde | 2 Openlinux, Kde | 2026-04-16 | N/A |
| The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files. | ||||