High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-07-05	CVE-2024-36041	Unspecified vulnerability in KDE Plasma-Workspace KSmserver in KDE Plasma Workspace (aka plasma-workspace) before 5.27.11.1 and 6.x before 6.0.5.1 allows connections via ICE based purely on the host, i.e., all local connections are accepted. local low complexity kde	7.8
2022-02-26	CVE-2022-24986	Exposure of Resource to Wrong Sphere vulnerability in KDE Kcron KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename during an editing session. local low complexity kde CWE-668	7.8
2022-02-11	CVE-2022-23853	Uncontrolled Search Path Element vulnerability in KDE Ktexteditor The LSP (Language Server Protocol) plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91.0 tries to execute the associated LSP server binary when opening a file of a given type. local low complexity kde CWE-427	7.8
2021-03-20	CVE-2021-28117	Unspecified vulnerability in KDE Discover libdiscover/backends/KNSBackend/KNSResource.cpp in KDE Discover before 5.21.3 automatically creates links to potentially dangerous URLs (that are neither https:// nor http://) based on the content of the store.kde.org web site. network low complexity kde	7.5
2020-10-26	CVE-2020-27187	Unspecified vulnerability in KDE Partition Manager 4.1.0 An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. local low complexity kde	7.8
2020-02-11	CVE-2013-2120	Improper Authentication vulnerability in KDE Paste Applet The %{password(...)} macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass authentication via a brute-force attack. local low complexity kde CWE-287	8.4
2020-02-08	CVE-2012-4512	Type Confusion vulnerability in multiple products The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion." network low complexity kde redhat CWE-843	8.8
2019-12-10	CVE-2013-4133	Improper Resource Shutdown or Release vulnerability in multiple products kde-workspace before 4.10.5 has a memory leak in plasma desktop network low complexity kde debian CWE-404	7.5
2019-08-07	CVE-2019-14744	OS Command Injection vulnerability in multiple products In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. local low complexity kde debian fedoraproject opensuse canonical redhat CWE-78	7.8
2019-05-07	CVE-2019-7443	Improper Input Validation vulnerability in multiple products KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. network high complexity kde opensuse fedoraproject CWE-20	8.1