High
CVE-2024-36041
KSmserver in KDE Plasma Workspace (aka plasma-workspace) before 5.27.11.1 and 6.x before 6.0.5.1 allows connections via ICE based purely on the host, i.e., all local connections are accepted. This al…
Tag: KDE Plasma
All CVEs associated with "KDE Plasma". Page 1/1 • 7 CVEs.
About “KDE Plasma”
A curated feed of “KDE Plasma”-related CVEs appears below. We currently track 7 CVEs for this tag (all time). In the last 365 days, 0 were published. Average CVSS is 5.7 (all time), and 29% are rated High/Critical (all time). Top CWEs (all time): CWE-613 - Insufficient Session Expiration, CWE-755 - Improper Handling of Exceptional Conditions, CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal').
In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
Support & lifecycle: kde-plasma
This table shows recent release cycles and their projected end-of-life. Data source: endoflife.date.
| Cycle | Release | Latest | Premier Support | EOL | LTS |
|---|---|---|---|---|---|
| 6.6 | 6.6.5 | Unavailable | - | ||
| 6.5 | 6.5.6 | Expired | |||
| 6.4 | 6.4.6 | Expired | |||
| 6.3 | 6.3.6 | Expired | |||
| 6.2 | 6.2.5 | Expired | |||
| 6.1 | 6.1.5 | Expired | |||
| 6.0 | 6.0.5 | Expired | |||
| 5.27 | 5.27.12 | - | LTS | ||
| 5.26 | 5.26.5 | Expired | |||
| 5.25 | 5.25.5 | Expired | |||
| 5.24 | 5.24.7 | Expired | LTS | ||
| 5.23 | 5.23.5 | Expired | |||
| 5.18 | 5.18.8 | Expired | LTS |
Maintained Soon (≤ 180 days) Expired
Subscribe lifecycle: RSS · RSS (expired) · ICS
Subscribe CVEs: RSS for “KDE Plasma” · RSS (High+Critical only)
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2024-07-05
2024-04-17
Low
CVE-2024-26911
In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Fix alloc_range() error handling code Few users have observed display corruption when they boot the machine to KDE Pla…
2024-02-11
Low
CVE-2024-1433
A vulnerability, which was classified as problematic, was found in KDE Plasma Workspace up to 5.93.0. This affects the function EventPluginsManager::enabledPlugins of the file components/calendar/eve…
2020-02-11
Medium
CVE-2013-2213
The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Library rand function's linear congruential generator, which makes it easier for context-dependent att…
High
CVE-2013-2120
The %{password(...)} macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass…
2018-02-07
Medium
CVE-2018-6791
An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted th…
Medium
CVE-2018-6790
An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, a…