Vulnerabilities > KDE > Kauth > 4.95.0

DATE CVE VULNERABILITY TITLE RISK
2019-05-07 CVE-2019-7443 Improper Input Validation vulnerability in multiple products
KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp.
network
high complexity
kde opensuse fedoraproject CWE-20
8.1
2017-05-17 CVE-2017-8422 Authentication Bypass by Spoofing vulnerability in KDE Kauth and Kdelibs
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.
local
low complexity
kde CWE-290
7.2
2014-08-19 CVE-2014-5033 Race Condition vulnerability in multiple products
KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and "PID reuse race conditions."
6.9