厂商或团体 kde 的搜索结果 (160)

CVE-2018-6790(发布:2018-02-06 21:29:01)NMP
CVSS5.0

[原文]An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element.

CVE-2018-6791(发布:2018-02-06 21:29:01)NMP
CVSS7.2

[原文]An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a possibility of arbitrary command execution. An example of an offending volume label is "$(touch b)" -- this will create a file called b in the home folder.

CVE-2014-8878(发布:2017-09-27 21:29:00)NMCS
CVSS4.3

[CNNVD]KMail 安全漏洞--Kontact是KDE社区开发的一套个人信息管理器和组件的软件套件。KMail是其中的一个电子邮件组件。 KMail中存在安全漏洞。攻击者可利用该漏洞获取敏感信息。

CVE-2015-7543(发布:2017-07-25 10:29:00)NM
CVSS4.4

[原文]aRts 1.5.10 and kdelibs3 3.5.10 and earlier do not properly create temporary directories, which allows local users to hijack the IPC by pre-creating the temporary directory.

CVE-2017-8422(发布:2017-05-17 10:29:00)NMPS
CVSS7.2

[原文]KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.

CVE-2017-6410(发布:2017-03-02 01:59:01)NMP
CVSS4.3

[原文]kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote attackers to obtain sensitive information via a crafted PAC file.

12345678下一页尾页 第1页 / 共27页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站