Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-1308 | 1 Kde | 2 Kde-workspace, Plasma-workspace | 2024-11-21 | 4.3 MEDIUM | N/A |
kde-workspace 4.2.0 and plasma-workspace before 5.1.95 allows remote attackers to obtain input events, and consequently obtain passwords, by leveraging access to the X server when the screen is locked. | |||||
CVE-2014-8651 | 1 Kde | 2 Kde-workspace, Plasma-desktop | 2024-11-21 | 7.2 HIGH | N/A |
The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument. | |||||
CVE-2013-4133 | 2 Debian, Kde | 2 Debian Linux, Kde-workspace | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
kde-workspace before 4.10.5 has a memory leak in plasma desktop | |||||
CVE-2013-4132 | 2 Kde, Opensuse | 3 Kde-workspace, Kde Sc, Opensuse | 2024-11-21 | 5.0 MEDIUM | N/A |
KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3) MD5 encrypted password, when FIPS-140 is enable, to KDM or an (4) invalid password to KCheckPass. |