Kde Kde-Workspace vulnerabilities

CVE-2013-4133 [HIGH] CWE-404 CVE-2013-4133: kde-workspace before 4.10.5 has a memory leak in plasma desktop kde-workspace before 4.10.5 has a memory leak in plasma desktop

CVE-2015-1308 [MEDIUM] CWE-200 CVE-2015-1308: kde-workspace 4.2.0 and plasma-workspace before 5.1.95 allows remote attackers to obtain input event kde-workspace 4.2.0 and plasma-workspace before 5.1.95 allows remote attackers to obtain input events, and consequently obtain passwords, by leveraging access to the X server when the screen is locked.

CVE-2014-8651 [HIGH] CWE-264 CVE-2014-8651: The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 a The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument.

CVE-2013-4132 [MEDIUM] CWE-310 CVE-2013-4132: KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt a KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3) MD5 encrypted password, when FIPS-140 is enable, to KDM or an (4) invalid password to KC