Lucene search
K

88 matches found

Talos Blog
Talos Blog
added 2023/01/13 4:58 p.m.26 views

Vulnerability Spotlight: Integer and buffer overflow vulnerabilities found in QT QML

Emma Reuter and Theo Morales of ASIG and Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Cisco ASIG and Cisco Talos recently discovered code execution vulnerabilities in QT QML. Qt is a popular software suite primarily used to create graphical user interfaces. It also contains...

1.2AI score0.01144EPSS
Exploits2
OSV
OSV
added 2023/01/12 5:15 p.m.4 views

DEBIAN-CVE-2022-43591

A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an out-of-bounds memory access, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this...

8.8CVSS8.7AI score0.01144EPSS
Exploits1References1
NVD
NVD
added 2023/01/12 5:15 p.m.31 views

CVE-2022-40983

An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. Target application would need to access a malicious web page t...

8.8CVSS9AI score0.01076EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2023/01/12 5:15 p.m.39 views

CVE-2022-43591

A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an out-of-bounds memory access, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this...

8.8CVSS7.5AI score0.01144EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2023/01/12 5:15 p.m.42 views

CVE-2022-40983

An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. Target application would need to access a malicious web page t...

8.8CVSS7.4AI score0.01076EPSS
Exploits1References2
Prion
Prion
added 2023/01/12 5:15 p.m.24 views

Buffer overflow

A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an out-of-bounds memory access, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this...

6.8CVSS9AI score0.01144EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2023/01/12 5:15 p.m.21 views

Integer overflow

An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. Target application would need to access a malicious web page t...

6.8CVSS8.9AI score0.01076EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2023/01/12 4:44 p.m.25 views

CVE-2022-40983

An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. Target application would need to access a malicious web page t...

8.8CVSS8.9AI score0.01076EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/01/12 4:44 p.m.51 views

CVE-2022-40983

An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. Target application would need to access a malicious web page t...

8.8CVSS9.2AI score0.01076EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2023/01/12 4:44 p.m.55 views

CVE-2022-40983

An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. Target application would need to access a malicious web page t...

8.8CVSS8.9AI score0.01076EPSS
Exploits1
CVE
CVE
added 2023/01/12 4:44 p.m.69 views

CVE-2022-40983

CVE-2022-40983 affects Qt 6.3.2, specifically the QML QtScript Reflect API, where a crafted JavaScript input can trigger an integer overflow during memory allocation, enabling arbitrary code execution when loading a malicious page. The issue has been addressed in Qt 6.4.1, with backports to 6.2 a...

8.8CVSS8.8AI score0.01076EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/01/12 4:44 p.m.29 views

CVE-2022-43591

A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an out-of-bounds memory access, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this...

8.8CVSS9.2AI score0.01144EPSS
Exploits1References1
OSV
OSV
added 2023/01/12 4:44 p.m.18 views

CVE-2022-43591

A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an out-of-bounds memory access, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this...

8.8CVSS9AI score0.01144EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2023/01/12 4:44 p.m.48 views

CVE-2022-43591

A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an out-of-bounds memory access, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this...

8.8CVSS9AI score0.01144EPSS
Exploits1
CNNVD
CNNVD
added 2023/01/12 12:0 a.m.5 views

Qt 安全漏洞

Qt is a cross-platform C++ application development framework from the Norwegian company Qt. It is widely used to develop GUI programs, in which case it is also known as the widget toolkit. It can also be used to develop non-GUI programs, such as console tools and servers. A security vulnerability...

8.8CVSS8.6AI score0.01144EPSS
Exploits1References3
Talos
Talos
added 2023/01/12 12:0 a.m.30 views

Qt Project Qt QML QtScript Reflect API integer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1617 Qt Project Qt QML QtScript Reflect API integer overflow vulnerability January 12, 2023 CVE Number CVE-2022-40983 SUMMARY An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code...

8.8CVSS8.8AI score0.01076EPSS
Exploits1
Talos
Talos
added 2023/01/12 12:0 a.m.69 views

Qt Project Qt QML QtScript Javascript spreading buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1650 Qt Project Qt QML QtScript Javascript spreading buffer overflow vulnerability January 12, 2023 CVE Number CVE-2022-43591 SUMMARY A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript...

8.8CVSS8.9AI score0.01144EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2023/01/12 12:0 a.m.10 views

PT-2023-13907 · Qt Company +1 · Qt +1

Name of the Vulnerable Software and Affected Versions: Qt versions 6.3.2 Description: An integer overflow issue exists in the QML QtScript Reflect API. This can be triggered by specially-crafted javascript code, leading to an integer overflow during memory allocation, which can result in arbitrar...

8.8CVSS8.8AI score0.01076EPSS
Exploits1References10
Cvelist
Cvelist
added 2019/04/22 3:35 p.m.22 views

CVE-2016-1573 Using a specially crafted fallback art property, scopes can execute arbitrary QML code in context of unity8-dash

Versions of Unity8 before 8.11+16.04.20160122-0ubuntu1 file plugins/Dash/CardCreator.js will execute any code found in place of a fallback image supplied by a scope...

4.8CVSS7.8AI score0.00425EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/12/05 12:0 a.m.42 views

Fedora 26 : qt5-qtwebengine (2017-4d90e9fc97)

An update of QtWebEngine to the security and bugfix release 5.9.3, including : - Security fixes from Chromium up to version 62.0.3202.89. Including: CVE-2017-5124, CVE-2017-5126, CVE-2017-5127, CVE-2017-5128, CVE-2017-5129, CVE-2017-5132, CVE-2017-5133, CVE-2017-15386, CVE-2017-15387,...

9.8CVSS7AI score0.05245EPSS
Exploits6References16
Rows per page
Query Builder