Skip to main content

Kde Applications

2 CVEs product

Monthly

CVE-2018-19120 HIGH This Week

The HTML thumbnailer plugin in KDE Applications before 18.12.0 allows attackers to trigger outbound TCP connections to arbitrary IP addresses, leading to disclosure of the source IP address. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Kde Applications
NVD
CVSS 3.0
7.5
EPSS
1.5%
CVE-2013-7252 MEDIUM POC PATCH This Month

kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ECB mode instead of CBC mode when encrypting the password store, which makes it easier for attackers to guess passwords via a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Kde Applications
NVD
CVSS 2.0
5.0
EPSS
0.4%
EPSS 1% CVSS 7.5
HIGH This Week

The HTML thumbnailer plugin in KDE Applications before 18.12.0 allows attackers to trigger outbound TCP connections to arbitrary IP addresses, leading to disclosure of the source IP address. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Kde Applications
NVD
EPSS 0% CVSS 5.0
MEDIUM POC PATCH This Month

kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ECB mode instead of CBC mode when encrypting the password store, which makes it easier for attackers to guess passwords via a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Kde Applications
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy