75479 matches found
UBUNTU-CVE-2025-32901
In KDE Connect before 1.33.0 on Android, malicious device IDs sent via broadcast UDP could cause an application crash...
CVE-2025-32899
In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to unpair. Specifically, it is an invalid discovery packet sent over broadcast UDP...
CVE-2025-32898
The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore allows brute-force attacks. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and GSConnect before 5...
UBUNTU-CVE-2025-32899
In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to unpair. Specifically, it is an invalid discovery packet sent over broadcast UDP...
UBUNTU-CVE-2025-32898
The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore allows brute-force attacks. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and GSConnect before 5...
CVE-2025-32899
KDE Connect (Android)
PT-2025-49319
Name of the Vulnerable Software and Affected Versions Rarlab RAR App versions up to 7.11 Build 127 Description A security issue exists in the component com.rarlab.rar of Rarlab RAR App on Android. This allows for path traversal, potentially enabling remote attacks. Exploitation is considered high...
CVE-2025-32900
In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information about a device, because broadcast UDP is used. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5...
EUVD-2025-201335
In KDE Connect before 1.33.0 on Android, malicious device IDs sent via broadcast UDP could cause an application crash...
PT-2025-49196
In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to unpair. Specifically, it is an invalid discovery packet sent over broadcast UDP...
PT-2025-49197
In KDE Connect before 1.33.0 on Android, malicious device IDs sent via broadcast UDP could cause an application crash...
PT-2025-49221
In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information about a device, because broadcast UDP is used. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5...
CVE-2025-32901
In KDE Connect before 1.33.0 on Android, malicious device IDs sent via broadcast UDP could cause an application crash...
CVE-2025-32899
In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to unpair. Specifically, it is an invalid discovery packet sent over broadcast UDP...
CVE-2025-32899
In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to unpair. Specifically, it is an invalid discovery packet sent over broadcast UDP...
CVE-2025-32901
In KDE Connect before 1.33.0 on Android, malicious device IDs sent via broadcast UDP could cause an application crash...
CVE-2025-32898
The CVE-2025-32898 entry documents a brute-force vulnerability in the KDE Connect verification-code protocol: an 8-character verification code enables offline/online guessing. Affected are KDE Connect versions before 1.33.0 on Android, before 25.04 on desktop, before 0.5 on iOS, Valent before 1.0...
CVE-2025-66270
The KDE Connect protocol 8 before 2025-11-28 does not correlate device IDs across two packets. This affects KDE Connect before 25.12 on desktop, KDE Connect before 0.5.4 on iOS, KDE Connect before 1.34.4 on Android, GSConnect before 68, and Valent before 1.0.0.alpha.49...
EUVD-2025-201336
In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to unpair. Specifically, it is an invalid discovery packet sent over broadcast UDP...
CVE-2025-32901
CVE-2025-32901 affects KDE Connect on Android prior to 1.33.0. A flaw lets an attacker send malicious device IDs via broadcast UDP that can crash the targeted application. The Red Hat advisory notes mitigation is not available or does not meet security criteria, and Nessus/NASL entries flag unpat...