Fabian Vogt

3 exploits Active since Jul 2018
CVE-2018-14345 WRITEUP HIGH WRITEUP
SDDM <0.17.0 - Privilege Escalation
An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is related to daemon/Display.cpp and helper/backend/PamBackend.cpp.
CVSS 7.5
CVE-2020-24654 WRITEUP LOW WRITEUP
KDE Ark < 20.08.1 - Arbitrary File Write via Symlink in TAR Archive
In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory.
CVSS 3.3
CVE-2024-57966 WRITEUP MEDIUM WRITEUP
KDE ark < 24.12.0 - Absolute Path Traversal via Archive Extraction
libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive.
CVSS 5.0