Qt

Qt

59 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2021-28025

Exploit
  • EPSS 0.03%
  • Published 11.08.2023 14:15:12
  • Last modified 21.11.2024 05:58:59

Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and 6.2, allows local attackers to cause a denial of service (DoS).

7.5

CVE-2023-38197

  • EPSS 0.05%
  • Published 13.07.2023 02:15:09
  • Last modified 21.11.2024 08:13:03

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion.

5.3

CVE-2023-34410

  • EPSS 0.11%
  • Published 05.06.2023 03:15:09
  • Last modified 20.03.2025 21:30:54

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.

5.3

CVE-2023-32762

  • EPSS 0.12%
  • Published 28.05.2023 23:15:09
  • Last modified 21.11.2024 08:03:59

An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly ...

7.5

CVE-2023-32763

  • EPSS 0.09%
  • Published 28.05.2023 23:15:09
  • Last modified 21.11.2024 08:04:00

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.

5.3

CVE-2023-33285

  • EPSS 0.1%
  • Published 22.05.2023 03:15:09
  • Last modified 21.11.2024 08:05:20

An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server.

6.5

CVE-2023-32573

  • EPSS 0.06%
  • Published 10.05.2023 06:15:19
  • Last modified 27.01.2025 21:15:11

In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.

7.5

CVE-2023-24607

  • EPSS 0.4%
  • Published 15.04.2023 01:15:07
  • Last modified 21.11.2024 07:48:13

Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3.

8.8

CVE-2022-43591

Exploit
  • EPSS 0.65%
  • Published 12.01.2023 17:15:09
  • Last modified 21.11.2024 07:26:50

A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an out-of-bounds memory access, which can lead to arbitrary code execution. Target application would need t...

8.8

CVE-2022-40983

Exploit
  • EPSS 0.5%
  • Published 12.01.2023 17:15:09
  • Last modified 21.11.2024 07:22:23

An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. Target applicat...