Lucene search
+L

146 matches found

Fedora
Fedora
added 2023/02/25 3:47 a.m.11 views

[SECURITY] Fedora 37 Update: kwayland-integration-5.27.1-1.fc37

Provides integration plugins for various KDE Frameworks for Wayland...

2.8AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 5:4 a.m.6 views

SUSE CVE-2016-3100

kinit in KDE Frameworks before 5.23.0 uses weak permissions 644 for /tmp/xauth-xxx-y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file...

8.4CVSS6.9AI score0.00399EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:59 a.m.7 views

SUSE CVE-2016-6232

Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ dot dot slash in a filename in an archive file, related to KNewsstuff downloads...

7.5CVSS7.1AI score0.04429EPSS
Exploits1References5
Fedora
Fedora
added 2021/03/20 12:20 a.m.25 views

[SECURITY] Fedora 34 Update: kwayland-server-5.21.3-1.fc34

Wayland server components built on KDE Frameworks...

7.5CVSS1.9AI score0.01563EPSS
Exploits0
Fedora
Fedora
added 2021/03/20 12:20 a.m.18 views

[SECURITY] Fedora 34 Update: kwayland-integration-5.21.3-1.fc34

Provides integration plugins for various KDE Frameworks for Wayland...

7.5CVSS2.8AI score0.01563EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/03/20 12:0 a.m.76 views

Fedora: Security Advisory for kwayland-server (FEDORA-2021-85c9774673)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.6AI score0.01563EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/03/20 12:0 a.m.13 views

Fedora: Security Advisory for kwayland-integration (FEDORA-2021-85c9774673)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.6AI score0.01563EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/12/31 12:0 a.m.29 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : kdelibs Vulnerability (NS-SA-2019-0254)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kdelibs packages installed that are affected by a vulnerability: - In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates ...

7.8CVSS7.6AI score0.04069EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/12/02 12:0 a.m.28 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : kdelibs Vulnerability (NS-SA-2019-0223)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kdelibs packages installed that are affected by a vulnerability: - In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates ...

7.8CVSS7.6AI score0.04069EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2019/08/14 12:0 a.m.20 views

Fedora Update for kf5-kconfig FEDORA-2019-48b691092f

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.7AI score0.04069EPSS
Exploits1References2
Fedora
Fedora
added 2019/08/13 1:3 a.m.26 views

[SECURITY] Fedora 30 Update: kf5-kconfig-5.59.0-1.fc30.1

KDE Frameworks 5 Tier 1 addon with advanced configuration system made of two parts: KConfigCore and KConfigGui...

7.8CVSS1.9AI score0.04069EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2019/08/12 11:24 a.m.38 views

CVE-2019-14744

A flaw was found in the KDE Frameworks KConfig prior to version 5.61.0. Certain syntax commands were allowed in .desktop, .directory, and configuration files to allow flexible configurations with the desktop environment. An attacker could add malicious code to a file that a user would...

8.8CVSS3.2AI score0.04069EPSS
Exploits1References3
CNVD
CNVD
added 2019/08/12 12:0 a.m.3 views

KDE Frameworks KConfig Execution Command Vulnerability

KDE Frameworks is a collection of technical base libraries and software frameworks for KDE applications from the KDE community. kConfig is one of the high-level configuration systems, which is mainly used to manage configurations in KDE Frameworks and generate configuration files. A security...

7.8CVSS7.3AI score0.04069EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.28 views

FreeBSD : KDE Frameworks -- malicious .desktop files execute code (f5f0a640-bae8-11e9-bb3a-001e2a3f778d)

The KDE Community has released a security announcement : The syntax Key$e=$shell command in .desktop files, .directory files, and configuration files typically found in /.config was an intentional feature of KConfig, to allow flexible configuration. This could however be abused by malicious peopl...

7.8CVSS7.4AI score0.04069EPSS
Exploits1References3
NVD
NVD
added 2019/08/07 3:15 p.m.17 views

CVE-2019-14744

In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .deskto...

7.8CVSS7.7AI score0.04069EPSS
Exploits1References18
OSV
OSV
added 2019/08/07 3:15 p.m.1 views

DEBIAN-CVE-2019-14744

In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .deskto...

7.8CVSS8AI score0.04069EPSS
Exploits1References1
OSV
OSV
added 2019/08/07 3:15 p.m.27 views

CVE-2019-14744

In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .deskto...

7.8CVSS7.8AI score
Exploits0References18
Prion
Prion
added 2019/08/07 3:15 p.m.19 views

Code injection

In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .deskto...

5.1CVSS7.6AI score0.04069EPSS
Exploits1References18Affected Software8
Cvelist
Cvelist
added 2019/08/07 2:30 p.m.27 views

CVE-2019-14744

In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .deskto...

7.7AI score0.04069EPSS
Exploits1References18
Debian CVE
Debian CVE
added 2019/08/07 2:30 p.m.28 views

CVE-2019-14744

In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .deskto...

7.8CVSS8AI score0.04069EPSS
Exploits1
Rows per page
Query Builder