Kde: >> Kde-Workspace >> 4.2.0 Security Vulnerabilities
kde-workspace before 4.10.5 has a memory leak in plasma desktop
CVSS Score
7.5
EPSS Score
0.02
Published
2019-12-10
kde-workspace 4.2.0 and plasma-workspace before 5.1.95 allows remote attackers to obtain input events, and consequently obtain passwords, by leveraging access to the X server when the screen is locked.
CVSS Score
4.3
EPSS Score
0.003
Published
2015-01-26
The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument.
CVSS Score
7.2
EPSS Score
0.0
Published
2014-12-06
KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3) MD5 encrypted password, when FIPS-140 is enable, to KDM or an (4) invalid password to KCheckPass.
CVSS Score
5.0
EPSS Score
0.008
Published
2013-09-16