79 matches found
Ubuntu 16.04 LTS / 18.04 LTS : KConfig and KDE libraries vulnerabilities (USN-4100-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4100-1 advisory. It was discovered that KConfig and KDE libraries have a vulnerability where an attacker could hide malicious code under desktop and...
Ubuntu: Security Advisory (USN-4100-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4100-1 kconfig, kde4libs vulnerabilities
It was discovered that KConfig and KDE libraries have a vulnerability where an attacker could hide malicious code under desktop and configuration files. (CVE-2019-14744) It was discovered that KConfig allows remote attackers to write to arbitrary files via a ../ in a filename in an archive file...
Fedora 24 : kdelibs3 (2017-01eed6fe8c)
This kdelibs3 KDE 3 compatibility libraries update fixes the security issues : - CVE-2016-6232 karchive: Extraction of tar files possible to arbitrary system locations - CVE-2017-6410 kio: Information Leak when accessing https when using a malicious PAC file for the KDE 3 compatibility libraries...
Fedora 25 : kdelibs3 (2017-4f4eef4791)
This kdelibs3 KDE 3 compatibility libraries update fixes the security issues : - CVE-2016-6232 karchive: Extraction of tar files possible to arbitrary system locations - CVE-2017-6410 kio: Information Leak when accessing https when using a malicious PAC file for the KDE 3 compatibility libraries...
Security update for karchive (important)
This update for karchive fixes the following issues: - CVE-2016-6232: A remote attacker could have been able to overwrite arbitrary files when tricking the user into downloading KDE extras such as wallpapers or Plasma Applets (boo#989698)...
Debian DSA-3643-1 : kde4libs - security update
Andreas Cord-Landwehr discovered that kde4libs, the core libraries for all KDE 4 applications, do not properly handle the extraction of archives with '../' in the file paths. A remote attacker can take advantage of this flaw to overwrite files outside of the extraction folder, if a user is tricke...
[SECURITY] [DSA 3643-1] kde4libs security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3643-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 06, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3643-1 (kde4libs - security update)
Andreas Cord-Landwehr discovered that kde4libs, the core libraries for all KDE 4 applications, do not properly handle the extraction of archives with OpenVAS Vulnerability Test $Id: deb3643.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3643-1 using nvtgen 1.0 Script...
CVE-2016-6232
CVE-2016-6232 is a directory traversal vulnerability in KDE’s KArchive (used by KDE Frameworks) that allows a remote attacker to write to arbitrary files by crafting a filename containing ../ inside an archive. Affected component: karchive within KDE Frameworks (KArchive) prior to version fixed b...
CVE-2016-6232
Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads...
Fedora Update for kf5 FEDORA-2016-4701636a74
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for kf5-kxmlgui FEDORA-2016-cef912e3a4
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for kf5-ktextwidgets FEDORA-2016-4701636a74
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for kf5-solid FEDORA-2016-cef912e3a4
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for kf5-kjs FEDORA-2016-cef912e3a4
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for kf5-kitemmodels FEDORA-2016-4701636a74
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for kf5-kdeclarative FEDORA-2016-4701636a74
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...