kde
206 tracked vulnerabilities.
CVE-2020-27187
HIGH
KDE Partition Manager <4.2.0 - Privilege Escalation
Oct 26, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-26164
MEDIUM
KDE Connect < 20.08.2 - Denial of Service via Crafted Network Packets
Oct 07, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-24654
LOW
KDE Ark < 20.08.1 - Arbitrary File Write via Symlink in TAR Archive
Sep 02, 2020
CVSS 3.3
EPSS 0.01
CVE-2020-16116
LOW
KDE Ark < 20.08.0 - Path Traversal via Crafted Archive
Aug 03, 2020
CVSS 3.3
EPSS 0.01
CVE-2020-15954
MEDIUM
KDE KMail 19.12.3 - Cleartext Transmission of Sensitive Information via POP3
Jul 27, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-13152
MEDIUM
Amarok 2.8.0 - Denial of Service via Crafted M3U Playlist File
May 20, 2020
CVSS 5.5
EPSS 0.03
CVE-2020-12755
LOW
KDE kio-extras <20.04.0 - Info Disclosure
May 09, 2020
CVSS 3.3
EPSS 0.00
CVE-2020-11880
MEDIUM
KDE KMail <19.12.3 - Info Disclosure
Apr 17, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-9359
MEDIUM
KDE Okular <1.10.0 - Code Injection
Mar 24, 2020
CVSS 5.3
EPSS 0.03
CVE-2019-14744
HIGH
KDE KConfig < 5.61.0 - OS Command Injection via Malicious Desktop Files
Aug 07, 2019
CVSS 7.8
EPSS 0.01
CVE-2019-7443
HIGH
KDE KAuth < 5.55.0 - Unauthenticated Arbitrary Plugin Execution via DBus Parameter Injection
May 07, 2019
CVSS 8.1
EPSS 0.04
CVE-2019-10732
MEDIUM
KDE KMail - Cleartext Transmission of Sensitive Information via Crafted Multipart Email Reply
Apr 07, 2019
CVSS 4.3
EPSS 0.00
CVE-2018-19516
MEDIUM
KDE Applications <18.12.0 - Info Disclosure
Mar 12, 2020
CVSS 5.3
EPSS 0.00
CVE-2018-19120
HIGH
KDE Applications < 18.12.0 - Exposure of Sensitive Information via HTML Thumbnailer Plugin
Nov 29, 2018
CVSS 7.5
EPSS 0.00
CVE-2018-1000801
MEDIUM
Okular < 18.08 - Path Traversal and Arbitrary File Write via Document Archive Extraction
Sep 06, 2018
CVSS 5.5
EPSS 0.02
CVE-2018-10380
HIGH
KDE KWallet <5.12.6 - Privilege Escalation
May 08, 2018
CVSS 7.8
EPSS 0.00
CVE-2018-10361
HIGH
KTextEditor <5.45.0 - Privilege Escalation
Apr 25, 2018
CVSS 7.8
EPSS 0.00
CVE-2018-6791
MEDIUM
KDE Plasma Workspace < 5.12.0 - OS Command Injection via vfat Thumbdrive Volume Label
Feb 07, 2018
CVSS 6.8
EPSS 0.00
CVE-2018-6790
MEDIUM
KDE Plasma Workspace < 5.12.0 - Exposure of Client IP Address via Notification URL
Feb 07, 2018
CVSS 5.3
EPSS 0.00
CVE-2017-17689
MEDIUM
9folders nine - Plaintext Exfiltration via S/MIME CBC Malleability-Gadget Attack
May 16, 2018
CVSS 5.9
EPSS 0.00
CVE-2017-9604
HIGH
KDE kmail and messagelib < 5.5.2 - Missing Encryption of Sensitive Data via Send Later Feature
Jun 13, 2017
CVSS 7.5
EPSS 0.00
CVE-2017-8422
HIGH
KDE kdelibs < 4.14.32 and KAuth < 5.34 - Authentication Bypass via CallerID Spoofing
May 17, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-5330
HIGH
ark <16.12.1 - Remote Code Execution
Mar 27, 2017
CVSS 7.8
EPSS 0.01
CVE-2017-6410
MEDIUM
kdelibs < 4.14.30 and kio < 5.32 - Cleartext Transmission of Sensitive Information via PAC FindProxyForURL
Mar 02, 2017
CVSS 5.5
EPSS 0.00
CVE-2016-7968
MEDIUM
KMail < 5.3.0 - Remote Code Execution via JavaScript in HTML Email
Dec 23, 2016
CVSS 6.5
EPSS 0.00
Products
kde 66
konqueror 33
kde_sc 10
kmail 10
koffice 9
kdelibs 8
kpdf 8
plasma-workspace 7
kdegraphics 6
ark 5
k-mail 5
kde-workspace 4
konqueror_embedded 4
kauth 3
kde_applications 3
kword 3
messagelib 3
KDEConnect 2
kio-extras 2
kmplayer 2
ktexteditor 2
kvt 2
okular 2
paste_applet 2
trojita 2
Arianna 1
Dolphin 1
KCoreAddons 1
KDE Connect information-exchange protocol 1
KDE Connect protocol 1
Quick Filters