Vulnerabilities > KDE > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-11 | CVE-2024-1433 | Unspecified vulnerability in KDE Plasma-Workspace A vulnerability, which was classified as problematic, was found in KDE Plasma Workspace up to 5.93.0. | 3.7 |
2021-08-10 | CVE-2021-38372 | Command Injection vulnerability in KDE Trojita 0.7 In KDE Trojita 0.7, man-in-the-middle attackers can create new folders because untagged responses from an IMAP server are accepted before STARTTLS. | 3.7 |
2020-09-02 | CVE-2020-24654 | Link Following vulnerability in multiple products In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory. | 3.3 |
2020-08-03 | CVE-2020-16116 | Path Traversal vulnerability in multiple products In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal. | 3.3 |
2020-05-09 | CVE-2020-12755 | Unspecified vulnerability in KDE Kio-Extras fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option. | 3.3 |