KDE : Security Vulnerabilities, CVEs, (Information Leak) CVSS score >= 7

CVE-2018-19120

The HTML thumbnailer plugin in KDE Applications before 18.12.0 allows attackers to trigger outbound TCP connections to arbitrary IP addresses, leading to disclosure of the source IP address.
Max CVSS
7.5
EPSS Score
0.18%
Published
2018-11-29
Updated
2019-01-31

CVE-2016-3100

kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file.
Max CVSS
8.4
EPSS Score
0.11%
Published
2016-07-13
Updated
2018-10-30
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close