kio

Vendor: kde

Actively Exploited (CISA KEV List): 0
PoC / Exploits (Code Available): 0
Total RCEs (Remote Access): 1
Total CVEs (Total Indexed): 17
Avg. EPSS (Exploit Prob.): 0.51%
Latest CVE: CVE-2022-28223 (Mar 30)

Security Vulnerability Index

9.1 CVSS

Tekon KIO devices through 2022-03-30 allow an authenticated admin user to escalate privileges to root by uploading a malicious Lua plugin.

EPSS: 0.83%

5.5 CVSS

kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote attackers to obtain sensitive information via a crafted PAC file.

EPSS: 0.18%