EUVD-2023-36816

Malicious code in bioql PyPI...

EulerOS 2.0 SP8 : qt5-qtsvg (EulerOS-SA-2023-3156)

According to the versions of the qt5-qtsvg package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont munitsPerEm initialization is...

Oracle Linux 9 : qt5 (ELSA-2023-6369)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6369 advisory. - Fix infinite loops in QXmlStreamReader CVE-2023-38197 Resolves: bz2222771 - Don't allow remote attacker to bypass security restrictions caused by fla...

Huawei EulerOS: Security Advisory for qt (EulerOS-SA-2023-3154)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 9 : qt5 (RHSA-2023:6369)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6369 advisory. Qt is a software toolkit for developing applications. Security Fixes: qt: buffer over-read via a crafted reply from a DNS server...

OESA-2023-1546 qt security update

Qt pronounced as "cute", not "cu-tee" is a cross-platform framework that is usually used as a graphical toolkit, although it is also very helpful in creating CLI applications. It runs on the three major desktop OSes, as well as on mobile OSes, such as Symbian, Nokia Belle, Meego Harmattan, MeeGo ...

OESA-2023-1547 qt security update

Qt pronounced as "cute", not "cu-tee" is a cross-platform framework that is usually used as a graphical toolkit, although it is also very helpful in creating CLI applications. It runs on the three major desktop OSes, as well as on mobile OSes, such as Symbian, Nokia Belle, Meego Harmattan, MeeGo ...

OESA-2023-1545 qt security update

Qt pronounced as "cute", not "cu-tee" is a cross-platform framework that is usually used as a graphical toolkit, although it is also very helpful in creating CLI applications. It runs on the three major desktop OSes, as well as on mobile OSes, such as Symbian, Nokia Belle, Meego Harmattan, MeeGo ...

Mageia: Security Advisory (MGASA-2023-0231)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2023-0231 Updated qt4/qtsvg5 packages fix security vulnerability

Out-of-bounds write in QtPrivate::QCommonArrayOps::growAppend CVE-2021-45930 QtSvg QSvgFont munitsPerEm initialization is mishandled. CVE-2023-32573...

Divide By Zero

qt6-qtsvg is vulnerable to Divide By Zero. The vulnerability due to the improper initialization of the QSvgFont munitsPerEm, which allows an attacker to cause an application crash...

OPENSUSE-SU-2023:0111-1 Security update for qt6-svg

This update for qt6-svg fixes the following issues: - CVE-2023-32573: Fixed missing initialization of QtSvg QSvgFont munitsPerEm boo1211298...

Security advisory: Qt SVG

A recent buffer overflow issue in Qt SVG has been reported and has been assigned the CVE id CVE-2023-32763. This effects all Qt versions up to and including Qt 5.15.14, Qt 6.0.0-6.2.8 and Qt 6.3.0-6.5.0 When a SVG file with an image inside it is rendered, a QTextLayout overflow can be triggered...

In Qt before 5.15.14 6.0.x through 6.2.x before 6.2.9 and 6.3.x through 6.5.x before 6.5.1 QtSvg QSvgFont m_unitsPerEm initialization is mishandled.

...

SUSE CVE-2023-32573

In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont munitsPerEm initialization is mishandled...

CVE-2023-32573

In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont munitsPerEm initialization is mishandled...

Code injection

In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont munitsPerEm initialization is mishandled...

CVE-2023-32573

In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont munitsPerEm initialization is mishandled...

Qt 数字错误漏洞

Qt is a cross-platform C++ application development framework from the Norwegian company Qt. It is widely used to develop GUI programs, in which case it is also known as the widget toolkit. It can also be used to develop non-GUI programs, such as console tools and servers. A security vulnerability...

CVE-2023-32573

The CVE-2023-32573 issue affects QtSvg: in Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, the QSvgFont m_unitsPerEm initialization is mishandled. This has an Availability impact (per CVSS) and is rated Medium (6.5) with network access, no privileges, an...