openSUSE 16 Security Update : kf6-kcoreaddons (openSUSE-SU-2026:20701-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20701-1 advisory. Changes in kf6-kcoreaddons: - CVE-2026-41526: Fixed arbitrary code execution via improper shell argument quoting boo1263441 Tenable has extracted the...

OPENSUSE-SU-2026:20701-1 Security update for kf6-kcoreaddons

This update for kf6-kcoreaddons fixes the following issues: Changes in kf6-kcoreaddons: - CVE-2026-41526: Fixed arbitrary code execution via improper shell argument quoting boo1263441...

Linux Distros Unpatched Vulnerability : CVE-2026-41526

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not...

CVE-2026-41526

A flaw was found in KDE KCoreAddons. The KShell::quoteArgs function, intended to safely quote arguments for shell commands, does not properly handle special characters. This vulnerability allows an attacker to inject control characters, such as \x01, leading to an escape from the shell...

CVE-2026-41526

In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a security-critical path t...

DEBIAN-CVE-2026-41526

In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a security-critical path t...

CVE-2026-41526

In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a security-critical path t...

EUVD-2026-26004

In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a security-critical path t...

CVE-2026-41526

In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a security-critical path t...

CVE-2026-41526

In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a security-critical path t...

KCoreAddons 安全漏洞

KCoreAddons is an open-source toolset based on QtCore, published on the KDE GitHub mirror. Versions of KCoreAddons prior to 6.25 contained security vulnerabilities. These vulnerabilities stemmed from the KShell::quoteArgs method not properly handling metacharacters, which could allow exploitation...

CVE-2026-41526

In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a security-critical path t...

[SECURITY] Fedora 44 Update: kf6-kcoreaddons-6.25.0-1.fc44

KCoreAddons provides classes built on top of QtCore to perform various tasks such as manipulating mime types, autosaving files, creating backup files, generating random sequences, performing text manipulations such as macro replacement, accessing user information and many more...

OPENSUSE-SU-2024:10509-1 kcoreaddons-5.29.0-1.1 on GA media

These are all security issues fixed in the kcoreaddons-5.29.0-1.1 package on the GA media of openSUSE Tumbleweed...

openSUSE Security Update : kcoreaddons (openSUSE-2016-1200)

This update for kcoreaddons fixes the following issues : - CVE-2016-7966: HTML injection in plain text viewer boo1002977 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2016-1200. The...

OPENSUSE-SU-2016:2559-1 Security update for kcoreaddons

This update for kcoreaddons fixes the following issues: - CVE-2016-7966: HTML injection in plain text viewer boo1002977...

OPENSUSE-SU-2016:2558-1 Security update for kcoreaddons

This update for kcoreaddons fixes the following issues: - CVE-2016-7966: HTML injection in plain text viewer boo1002977...

[ASA-201610-4] kcoreaddons: insufficient validation

Arch Linux Security Advisory ASA-201610-4 ========================================= Severity: Medium Date : 2016-10-07 CVE-ID : CVE-2016-7966 Package : kcoreaddons Type : insufficient validation Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package kcoreaddons...

CVE-2016-7966

Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign = or a space into the injected HTML, which greatly reduces the available HTML functionality...

Fedora Update for kf5-kcoreaddons FEDORA-2016-cef912e3a4

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...