Kde Luki w zabezpieczeniach

Oś czasu

Rodzaj

Produkt

KDE Konqueror33
KDE KMail9
KDE SC5
KDE Plasma Workspace4
KDE Applications3

Przeciwdziałanie

Official Fix69
Temporary Fix0
Workaround0
Unavailable6
Not Defined35

Wykorzystywanie

High3
Functional1
Proof-of-Concept41
Unproven6
Not Defined59

Wektor dostępu

Not Defined0
Physical1
Local22
Adjacent3
Network84

Uwierzytelnianie

Not Defined0
High0
Low16
None94

Interakcja z użytkownikiem

Not Defined0
Required12
None98

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤413
≤511
≤634
≤715
≤823
≤99
≤105

CVSSv3 Temp

≤10
≤20
≤31
≤413
≤519
≤629
≤728
≤813
≤94
≤103

VulDB

≤10
≤20
≤30
≤415
≤512
≤634
≤713
≤822
≤98
≤106

NVD

≤10
≤20
≤30
≤41
≤52
≤65
≤74
≤87
≤94
≤101

CNA

≤10
≤20
≤30
≤41
≤50
≤60
≤70
≤80
≤90
≤100

Sprzedawca

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploit 0-day

<1k14
<2k49
<5k38
<10k2
<25k5
<50k2
<100k0
≥100k0

Wykorzystaj dzisiaj

<1k109
<2k1
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Wykorzystaj wielkość rynku

🔴 CTI Zajęcia

Affected Products (50): Applications (3), Connect (1), Discover (1), Django (1), File Manager (1), K-Mail (3), KAuth (1), KCron (1), KDE-Runtime (1), KDELibs (2), KDE PIM (1), KDE SC (1), KDEUtils (1), KMPlayer (1), KMail (9), KMplayer (1), KOffice (3), KTextEditor (1), KWallet (1), Kate (1), Kdebase (1), Kmail (1), Konqueror (33), Kopete (1), KsIRC (1), Messagelib (1), Partition Manager (1), Paste Applet (2), Plasma Workspace (4), SC (5), Trojita (2), Workspace (1), ark (2), kauth (1), kcheckpass (1), kde-workspace (1), kdegraphics (2), kdelibs (3), kio-extras (1), konqueror (1), kpdf (2), ktvision (1), kvt (2), kwintv (1), libkhtml (1), libksieve (1), messagelib (1), okular (1), plasma-workspace (1), sc (2)

Link to Vendor Website: https://kde.org/

OpublikowanoBaseTempSłaby punktProdWykPrzEPSSCTICVE
2024-06-045.55.3KDE Plasma Workspace Session Restore server.cpp privilege escalationNieznanyNot DefinedOfficial Fix0.000000.05CVE-2024-36041
2024-04-293.53.4KDE libksieve session.cpp weak encryptionNieznanyNot DefinedOfficial Fix0.000450.00CVE-2023-52723
2024-02-113.13.0KDE Plasma Workspace Theme File eventpluginsmanager.cpp enabledPlugins directory traversalNieznanyNot DefinedOfficial Fix0.000450.04CVE-2024-1433
2023-04-223.73.4KDE Applications KWallet weak encryptionNieznanyProof-of-ConceptNot Defined0.003960.00CVE-2013-7252
2023-04-216.86.6KDE Paste Applet kdeplasma-addons pastemacroexpander.cpp weak authenticationNieznanyProof-of-ConceptOfficial Fix0.002330.00CVE-2013-2120
2023-04-215.45.1KDE Paste Applet random weak encryptionNieznanyProof-of-ConceptNot Defined0.000470.00CVE-2013-2213
2022-07-058.07.9KDE Django Extract sql injectionContent Management SystemNot DefinedOfficial Fix0.183280.05CVE-2022-34265
2022-02-265.04.8KDE KCron tmp privilege escalationNieznanyNot DefinedNot Defined0.000440.05CVE-2022-24986
2022-02-126.36.0KDE Kate/KTextEditor LSP Plugin Remote Code ExecutionNieznanyNot DefinedOfficial Fix0.000750.05CVE-2022-23853
2021-08-103.73.7KDE KMail SMTP STARTTLS weak encryptionMail Client SoftwareNot DefinedNot Defined0.000810.00CVE-2021-38373
2021-08-105.65.6KDE Trojita IMAP Server privilege escalationNieznanyNot DefinedNot Defined0.000700.00CVE-2021-38372
2021-06-023.13.1KDE Messagelib Encrypted Message viewer_p.cpp deleteAttachment weak encryptionNieznanyNot DefinedNot Defined0.000650.03CVE-2021-31855
2021-03-216.96.6KDE Discover URL KNSResource.cpp Privilege EscalationNieznanyNot DefinedOfficial Fix0.000970.00CVE-2021-28117
2020-10-267.87.5KDE Partition Manager fstab kpmcore_externalcommand privilege escalationNieznanyNot DefinedOfficial Fix0.000420.03CVE-2020-27187
2020-10-084.54.3KDE Connect Packet denial of serviceNieznanyNot DefinedOfficial Fix0.000460.00CVE-2020-26164
2020-09-026.25.9KDE ark directory traversalNieznanyNot DefinedOfficial Fix0.002480.00CVE-2020-24654
2020-08-037.37.0KDE ark Extraction jobs.cpp directory traversalNieznanyNot DefinedOfficial Fix0.001240.00CVE-2020-16116
2020-07-275.15.1KDE KMail POP3 weak encryptionMail Client SoftwareNot DefinedNot Defined0.001280.00CVE-2020-15954
2020-05-093.93.9KDE kio-extras fish.cpp establishConnection information disclosureNieznanyNot DefinedNot Defined0.000440.00CVE-2020-12755
2020-04-175.95.8KDE KMail information disclosureMail Client SoftwareNot DefinedOfficial Fix0.000900.00CVE-2020-11880
2020-03-246.56.4KDE okular Action Link privilege escalationNieznanyNot DefinedOfficial Fix0.002880.05CVE-2020-9359
2020-03-126.36.2KDE Applications messagelib defaultrenderer.cpp privilege escalationNieznanyNot DefinedOfficial Fix0.000840.00CVE-2018-19516
2019-05-079.08.8KDE KAuth Helpers DBusHelperProxy.cpp privilege escalationNieznanyNot DefinedOfficial Fix0.006890.03CVE-2019-7443
2019-04-074.34.2KDE Trojita Encryption weak encryptionNieznanyProof-of-ConceptNot Defined0.000860.00CVE-2019-10734
2019-04-074.34.2KDE KMail Encryption weak encryptionMail Client SoftwareProof-of-ConceptNot Defined0.000890.04CVE-2019-10732

85 więcej wpisów nie jest pokazywanych

Do you want to use VulDB in your project?

Use the official API to access entries easily!