3 matches found
CVE-2018-19516
CVE-2018-19516 affects KDE Applications’ messagelib (messagepartthemes/default/defaultrenderer.cpp) prior to version 18.12.0, where http-equiv=REFRESH handling is not properly restricted, potentially allowing data access bypass. Public records in NVD confirm the issue and indicate downstream patc...
CVE-2018-19120
CVE-2018-19120 detail: The HTML thumbnailer in KDE Applications prior to 18.12.0 can trigger outbound TCP connections to arbitrary IPs, exposing the source IP address. This affects KDE’s HTML thumbnailer component (and related KDE Applications packaging that ships kio-extras). Root cause is insuf...
CVE-2013-7252
KWallet's kwalletd (KWallet before KDE Applications 14.12.0) uses Blowfish with ECB mode to encrypt the password store instead of CBC, enabling codebook-style attacks to guess passwords when the password store is accessible. This vulnerability is documented across multiple advisories (GLSA-201606...