GCVE - cpe:2.3:a:kde:kde_sc:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:kde:kde_sc:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Kde (`d8ba08cf-7ec1-5504-a5b9-f8cfa50ca850`)
Product	Kde Sc (`a5926000-7aa3-515f-acdf-69ed3f941c05`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2013-4132`	vulnerable	2026-06-03 14:33:09.812785	Details available KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3) MD5 encrypted password, when FIPS-140 is enable, to KDM or an (4) invalid password to KCheckPass. Published: 2013-09-16T19:00:00.000Z Updated: 2024-08-06T16:30:50.058Z Open on db.gcve.eu Reference links http://lists.opensuse.org/opensuse-updates/2013-08/msg00002.html http://seclists.org/oss-sec/2013/q3/117 http://lists.opensuse.org/opensuse-updates/2013-07/msg00082.html http://seclists.org/oss-sec/2013/q3/120 https://git.reviewboard.kde.org/r/111261/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-2725`	vulnerable	2026-06-03 14:31:10.480704	Details available Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file. Published: 2014-02-04T19:00:00.000Z Updated: 2024-08-06T23:08:23.781Z Open on db.gcve.eu Reference links http://lists.opensuse.org/opensuse-updates/2012-03/msg00002.html http://seclists.org/fulldisclosure/2011/Oct/351 https://bugzilla.redhat.com/show_bug.cgi?id=725764 https://bugzilla.novell.com/show_bug.cgi?id=708268 http://packetstormsecurity.com/files/105610/Ark-2.16-Directory-Traversal.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-1586`	vulnerable	2026-06-03 14:31:02.762885	Details available Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the name attribute of a file element in a metalink file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1000. Published: 2011-04-27T00:00:00.000Z Updated: 2024-08-06T22:28:42.059Z Open on db.gcve.eu Reference links https://launchpad.net/bugs/757526 http://websvn.kde.org/branches/KDE/4.4/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227468&r2=1227467&pathrev=1227468 http://websvn.kde.org/branches/KDE/4.6/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227471&r2=1227470&pathrev=1227471 http://secunia.com/advisories/44124 http://openwall.com/lists/oss-security/2011/04/15/9	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.