Qt

Qt

59 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2021-28025

Exploit
  • EPSS 0.03%
  • Veröffentlicht 11.08.2023 14:15:12
  • Zuletzt bearbeitet 21.11.2024 05:58:59

Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and 6.2, allows local attackers to cause a denial of service (DoS).

7.5

CVE-2023-38197

  • EPSS 0.05%
  • Veröffentlicht 13.07.2023 02:15:09
  • Zuletzt bearbeitet 21.11.2024 08:13:03

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion.

5.3

CVE-2023-34410

  • EPSS 0.11%
  • Veröffentlicht 05.06.2023 03:15:09
  • Zuletzt bearbeitet 20.03.2025 21:30:54

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.

5.3

CVE-2023-32762

  • EPSS 0.12%
  • Veröffentlicht 28.05.2023 23:15:09
  • Zuletzt bearbeitet 21.11.2024 08:03:59

An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly ...

7.5

CVE-2023-32763

  • EPSS 0.09%
  • Veröffentlicht 28.05.2023 23:15:09
  • Zuletzt bearbeitet 21.11.2024 08:04:00

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.

5.3

CVE-2023-33285

  • EPSS 0.1%
  • Veröffentlicht 22.05.2023 03:15:09
  • Zuletzt bearbeitet 21.11.2024 08:05:20

An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server.

6.5

CVE-2023-32573

  • EPSS 0.06%
  • Veröffentlicht 10.05.2023 06:15:19
  • Zuletzt bearbeitet 27.01.2025 21:15:11

In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.

7.5

CVE-2023-24607

  • EPSS 0.4%
  • Veröffentlicht 15.04.2023 01:15:07
  • Zuletzt bearbeitet 21.11.2024 07:48:13

Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3.

8.8

CVE-2022-43591

Exploit
  • EPSS 0.65%
  • Veröffentlicht 12.01.2023 17:15:09
  • Zuletzt bearbeitet 21.11.2024 07:26:50

A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an out-of-bounds memory access, which can lead to arbitrary code execution. Target application would need t...

8.8

CVE-2022-40983

Exploit
  • EPSS 0.5%
  • Veröffentlicht 12.01.2023 17:15:09
  • Zuletzt bearbeitet 21.11.2024 07:22:23

An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. Target applicat...