146 matches found
[SECURITY] Fedora 37 Update: kwayland-integration-5.27.1-1.fc37
Provides integration plugins for various KDE Frameworks for Wayland...
SUSE CVE-2016-3100
kinit in KDE Frameworks before 5.23.0 uses weak permissions 644 for /tmp/xauth-xxx-y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file...
SUSE CVE-2016-6232
Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ dot dot slash in a filename in an archive file, related to KNewsstuff downloads...
[SECURITY] Fedora 34 Update: kwayland-server-5.21.3-1.fc34
Wayland server components built on KDE Frameworks...
[SECURITY] Fedora 34 Update: kwayland-integration-5.21.3-1.fc34
Provides integration plugins for various KDE Frameworks for Wayland...
Fedora: Security Advisory for kwayland-server (FEDORA-2021-85c9774673)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for kwayland-integration (FEDORA-2021-85c9774673)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
NewStart CGSL CORE 5.05 / MAIN 5.05 : kdelibs Vulnerability (NS-SA-2019-0254)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kdelibs packages installed that are affected by a vulnerability: - In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates ...
NewStart CGSL CORE 5.04 / MAIN 5.04 : kdelibs Vulnerability (NS-SA-2019-0223)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kdelibs packages installed that are affected by a vulnerability: - In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates ...
Fedora Update for kf5-kconfig FEDORA-2019-48b691092f
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 30 Update: kf5-kconfig-5.59.0-1.fc30.1
KDE Frameworks 5 Tier 1 addon with advanced configuration system made of two parts: KConfigCore and KConfigGui...
CVE-2019-14744
A flaw was found in the KDE Frameworks KConfig prior to version 5.61.0. Certain syntax commands were allowed in .desktop, .directory, and configuration files to allow flexible configurations with the desktop environment. An attacker could add malicious code to a file that a user would...
KDE Frameworks KConfig Execution Command Vulnerability
KDE Frameworks is a collection of technical base libraries and software frameworks for KDE applications from the KDE community. kConfig is one of the high-level configuration systems, which is mainly used to manage configurations in KDE Frameworks and generate configuration files. A security...
FreeBSD : KDE Frameworks -- malicious .desktop files execute code (f5f0a640-bae8-11e9-bb3a-001e2a3f778d)
The KDE Community has released a security announcement : The syntax Key$e=$shell command in .desktop files, .directory files, and configuration files typically found in /.config was an intentional feature of KConfig, to allow flexible configuration. This could however be abused by malicious peopl...
CVE-2019-14744
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .deskto...
DEBIAN-CVE-2019-14744
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .deskto...
CVE-2019-14744
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .deskto...
Code injection
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .deskto...
CVE-2019-14744
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .deskto...
CVE-2019-14744
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .deskto...