Software
KDE MessagelibKDE Messagelib through 5.17.0 reveals cleartext of encrypted messages in some situations. Deleting a…
openSUSE Backports SLEIn kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send craf…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Canonical Ubuntu LinuxIn KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extract…
KDE KMailKDE KMail 19.12.3 (aka 5.13.3) engages in unencrypted POP3 communication during times when the UI in…
CVE-2020-13152A remote user can create a specially crafted M3U file, media playlist file that when loaded by the t…
KDE KMailAn issue was discovered in KDE KMail before 19.12.3. By using the proprietary (non-RFC6068) "mailto?…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Fedoraproject FedoraKDE Okular before 1.10.0 allows code execution via an action link in a PDF document.
KDE KMailIn KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub…
Microsoft OutlookThe S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can in…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
KDE kdelibskpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL func…
Fedoraproject FedoraTurning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can res…
redhat/kdepimKDE KMail does not encrypt attachments in emails when "automatic encryption" is enabled, which allow…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kde Plasma-workspaceplasma-workspace before 5.1.95 allows remote attackers to obtain passwords via a Trojan horse Look a…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kde Kde Applicationskwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ECB mode instead of CBC mode …
KDE Paste AppletThe KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Lib…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kde Kde PimThe HTMLQuoteColorer::process function in messageviewer/htmlquotecolorer.cpp in KDE PIM 4.6 through …
Kde Kcheckpasskcheckpass passes a user-supplied argument to the pam_start function, often within a setuid environm…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Poppler PopplerInteger Overflow, Null Pointer Dereference, Buffer Overflow
KDE KonquerorKDE Konqueror allows remote attackers to cause a denial of service (memory consumption) via a large …
KDE KonquerorHTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 allows remote attackers to cause a…
KDE KonquerorKonqueror in KDE 3.5.9 allows remote attackers to cause a denial of service (application crash) via …
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.