17 matches found
EUVD-2018-7395
Malware in sbrugna...
GLSA-202402-03 : QtGui: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202402-03 QtGui: Multiple Vulnerabilities - Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath called from QRasterPaintEngine::fill and QPaintEngineEx::stroke. CVE-2021-38593 - An...
Oracle Linux 7 : qt (ELSA-2020-1172)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1172 advisory. 1:4.8.7-8 - Fix QImage allocation failure in qgifhandler Resolves: bz1667863 - Fix QTgaFile CPU exhaustion Resolves: bz1667879 - Fix QBmpHandler...
NewStart CGSL CORE 5.05 / MAIN 5.05 : qt5-qttranslations Multiple Vulnerabilities (NS-SA-2023-0014)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has qt5-qttranslations packages installed that are affected by multiple vulnerabilities: - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document...
NewStart CGSL CORE 5.05 / MAIN 5.05 : qt5-qtserialport Multiple Vulnerabilities (NS-SA-2023-0011)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has qt5-qtserialport packages installed that are affected by multiple vulnerabilities: - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document...
Medium: qt5-qtbase
Issue Overview: Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath called from QRasterPaintEngine::fill and QPaintEngineEx::stroke. CVE-2021-38593 Affected Packages: qt5-qtbase Note: This advisory is applicable to Amazon Linux 2 AL2 Core repositor...
CVE-2018-15518
QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document...
Double free
QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document...
CVE-2018-15518
QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document...
CVE-2018-15518
QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document...
CVE-2018-15518
QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document...
CVE-2018-15518
QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document...
CVE-2018-19865
A keystroke logging issue was discovered in Virtual Keyboard in Qt 5.7.x, 5.8.x, 5.9.x, 5.10.x, and 5.11.x before 5.11.3...
CVE-2018-19865
CVE-2018-19865: A keystroke-logging issue was discovered in Qt’s Virtual Keyboard. Affected: Qt 5.7.x–5.11.x prior to 5.11.3. Root cause: verbose keypress logging in the Virtual Keyboard. Impact: possible leakage of keystrokes; no exploit details provided in the documents. Mitigation: update to Q...
CVE-2017-15011
The named pipes in qtsingleapp in Qt 5.x, as used in qBittorrent and SugarSync, are configured for remote access and allow remote attackers to cause a denial of service application crash via an unspecified string...
CVE-2017-15011
The named pipes in qtsingleapp in Qt 5.x, as used in qBittorrent and SugarSync, are configured for remote access and allow remote attackers to cause a denial of service application crash via an unspecified string...
CVE-2017-15011
The CVE concerns the named pipes feature in qtsingleapp (Qt 5.x), used by qBittorrent and SugarSync. Connected sources indicate these named pipes are configured for remote access, allowing remote attackers to trigger a denial of service (application crash) by providing an unspecified string. The ...