CVE Daily – KDE Plasma (High+Critical) https://cvedaily.com/pages/tags/kde-plasma.html CVE Daily – KDE Plasma (High+Critical) en Wed, 03 Jun 2026 21:27:07 +0000 [High] CVE-2024-36041 – KSmserver in KDE Plasma Workspace (aka plasma-workspace) before 5.27.11.1 and 6... https://nvd.nist.gov/vuln/detail/CVE-2024-36041 https://nvd.nist.gov/vuln/detail/CVE-2024-36041 Fri, 05 Jul 2024 02:15:10 +0000 High CVE-2024-36041

KSmserver in KDE Plasma Workspace (aka plasma-workspace) before 5.27.11.1 and 6.x before 6.0.5.1 allows connections via ICE based purely on the host, i.e., all local connections are accepted. This allows another user on the same machine to gain access to the session manager, e.g., use the session-restore feature to execute arbitrary code as the victim (on the next boot) via earlier use of the /tm…

CVSS: 7.8 · CWE: CWE-613

View on NVD

]]> [High] CVE-2013-2120 – The %{password(...)} macro in pastemacroexpander.cpp in the KDE Paste Applet bef... https://nvd.nist.gov/vuln/detail/CVE-2013-2120 https://nvd.nist.gov/vuln/detail/CVE-2013-2120 Tue, 11 Feb 2020 20:15:11 +0000 High CVE-2013-2120

The %{password(...)} macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass authentication via a brute-force attack.

CVSS: 8.4 · CWE: CWE-287

View on NVD

]]>