VulnerableCode Vulnerability Details

System	Score	Found at
generic_textual	Medium	http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14744.html
rhas	Important	https://access.redhat.com/errata/RHSA-2020:2833
cvssv3	8.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14744.json
epss	0.00343	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00343	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00343	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00392	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00426	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00426	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00426	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00426	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00426	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00426	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00426	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00426	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00426	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00426	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00426	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00426	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.00656	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.0088	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.01082	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.01082	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
epss	0.01382	https://api.first.org/data/v1/epss?cve=CVE-2019-14744
rhbs	high	https://bugzilla.redhat.com/show_bug.cgi?id=1740138
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14744
generic_textual	Medium	https://gist.githubusercontent.com/zeropwn/630832df151029cb8f22d5b6b9efaefb/raw/64aa3d30279acb207f787ce9c135eefd5e52643b/kde-kdesktopfile-command-injection.txt
generic_textual	Medium	https://kde.org/info/security/advisory-20190807-1.txt
cvssv2	5.1	https://nvd.nist.gov/vuln/detail/CVE-2019-14744
cvssv3	7.8	https://nvd.nist.gov/vuln/detail/CVE-2019-14744
cvssv3	7.8	https://nvd.nist.gov/vuln/detail/CVE-2019-14744
cvssv3.1	7.8	https://nvd.nist.gov/vuln/detail/CVE-2019-14744
generic_textual	Medium	https://phabricator.kde.org/D22979
generic_textual	Medium	https://ubuntu.com/security/notices/USN-4100-1
generic_textual	Medium	https://usn.ubuntu.com/usn/usn-4100-1
generic_textual	Medium	https://www.zdnet.com/article/unpatched-kde-vulnerability-disclosed-on-twitter/

System

Score

Found at

generic_textual

Medium

http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14744.html

rhas

Important

https://access.redhat.com/errata/RHSA-2020:2833

cvssv3

8.8

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14744.json

epss

0.00343

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00343

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00343

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00392

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00426

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00426

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00426

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00426

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00426

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00426

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00426

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00426

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00426

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00426

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00426

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00426

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.00656

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.0088

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.01082

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.01082

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

epss

0.01382

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

rhbs

high

https://bugzilla.redhat.com/show_bug.cgi?id=1740138

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14744

generic_textual

Medium

https://gist.githubusercontent.com/zeropwn/630832df151029cb8f22d5b6b9efaefb/raw/64aa3d30279acb207f787ce9c135eefd5e52643b/kde-kdesktopfile-command-injection.txt

generic_textual

Medium

https://kde.org/info/security/advisory-20190807-1.txt

cvssv2

5.1

https://nvd.nist.gov/vuln/detail/CVE-2019-14744

cvssv3

7.8

https://nvd.nist.gov/vuln/detail/CVE-2019-14744

cvssv3

7.8

https://nvd.nist.gov/vuln/detail/CVE-2019-14744

cvssv3.1

7.8

https://nvd.nist.gov/vuln/detail/CVE-2019-14744

generic_textual

Medium

https://phabricator.kde.org/D22979

generic_textual

Medium

https://ubuntu.com/security/notices/USN-4100-1

generic_textual

Medium

https://usn.ubuntu.com/usn/usn-4100-1

generic_textual

Medium

https://www.zdnet.com/article/unpatched-kde-vulnerability-disclosed-on-twitter/

Reference id

Reference type

URL

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00013.html

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00016.html

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00034.html

http://packetstormsecurity.com/files/153981/Slackware-Security-Advisory-kdelibs-Updates.html

http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14744.html

https://access.redhat.com/errata/RHSA-2019:2606

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14744.json

https://api.first.org/data/v1/epss?cve=CVE-2019-14744

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14744

https://gist.githubusercontent.com/zeropwn/630832df151029cb8f22d5b6b9efaefb/raw/64aa3d30279acb207f787ce9c135eefd5e52643b/kde-kdesktopfile-command-injection.txt

https://kde.org/info/security/advisory-20190807-1.txt

https://lists.debian.org/debian-lts-announce/2019/08/msg00023.html

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IRIKH7ZWXELIQT6WSLV7EG3VTFWKZPD/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNHO6FZRYBQ2R3UCFDGS66F6DNNTKCMM/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYKLUSSEK3YJOVQDL6K2LKGS3354UH6L/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTFBQRJAU7ITD3TOMPZAUQMYYCAZ6DTX/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YIDXQ6CUB5E7Y3MJWCUY4VR42QAE6SCJ/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IRIKH7ZWXELIQT6WSLV7EG3VTFWKZPD/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNHO6FZRYBQ2R3UCFDGS66F6DNNTKCMM/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UYKLUSSEK3YJOVQDL6K2LKGS3354UH6L/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTFBQRJAU7ITD3TOMPZAUQMYYCAZ6DTX/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YIDXQ6CUB5E7Y3MJWCUY4VR42QAE6SCJ/

https://phabricator.kde.org/D22979

https://seclists.org/bugtraq/2019/Aug/12

https://seclists.org/bugtraq/2019/Aug/9

https://security.gentoo.org/glsa/201908-07

https://ubuntu.com/security/notices/USN-4100-1

https://usn.ubuntu.com/4100-1/

https://usn.ubuntu.com/usn/usn-4100-1

https://www.debian.org/security/2019/dsa-4494

https://www.zdnet.com/article/unpatched-kde-vulnerability-disclosed-on-twitter/

1740138

https://bugzilla.redhat.com/show_bug.cgi?id=1740138

934267

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934267

cpe:2.3:a:kde:kconfig:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kde:kconfig:*:*:*:*:*:*:*:*

cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

CVE-2019-14744

https://nvd.nist.gov/vuln/detail/CVE-2019-14744

RHSA-2020:2833

https://access.redhat.com/errata/RHSA-2020:2833

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14744.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2019-14744

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2019-14744

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2019-14744

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2019-14744

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

There are no relevant records.

Vulnerability ID	VCID-ezms-uxg1-aaar
Aliases	CVE-2019-14744
Summary	In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

CWE-78	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-454	External Initialization of Trusted Variables or Data Stores

Percentile	0.71247
EPSS Score	0.00343
Published At	Dec. 17, 2024, midnight