This page lists publicly disclosed CVE vulnerabilities affecting kde kde-workspace (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2013-4133 | kde-workspace before 4.10.5 has a memory leak in plasma desktop | [email protected] | 7.5 | 1.99% | 2019-12-10 | 2024-11-21 |
| CVE-2015-1308 | kde-workspace 4.2.0 and plasma-workspace before 5.1.95 allows remote attackers to obtain input events, and consequently obtain passwords, by leveraging access to the X server when the screen is locked. | [email protected] | 4.3 | 0.42% | 2015-01-26 | 2026-05-06 |
| CVE-2014-8651 | The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument. | [email protected] | 7.2 | 0.09% | 2014-12-06 | 2026-05-06 |
| CVE-2013-4132 | KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3) MD5 encrypted password, when FIPS-140 is enable, to KDM or an (4) invalid password to KCheckPass. | [email protected] | 5.0 | 0.83% | 2013-09-16 | 2026-04-29 |