Lucene search
+L

223 matches found

OSV
OSV
added 2023/12/24 9:15 p.m.2 views

DEBIAN-CVE-2023-51714

An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check...

9.8CVSS8.2AI score0.00986EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/24 12:0 a.m.4 views

Qt Security Vulnerabilities

Qt is a cross-platform C++ application development framework from the Norwegian company Qt. It is widely used to develop GUI programs, in which case it is also known as the widget toolkit. It can also be used to develop non-GUI programs, such as console tools and servers. A security vulnerability...

9.8CVSS6.9AI score0.00986EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/14 3:32 p.m.7 views

qt: allows remote attacker to bypass security restrictions caused by flaw in certificate validation

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate...

5.3CVSS7.4AI score0.00732EPSS
Exploits0References4
OSV
OSV
added 2023/11/10 11:6 a.m.5 views

OESA-2023-1810 qt security update

Qt pronounced as "cute", not "cu-tee" is a cross-platform framework that is usually used as a graphical toolkit, although it is also very helpful in creating CLI applications. It runs on the three major desktop OSes, as well as on mobile OSes, such as Symbian, Nokia Belle, Meego Harmattan, MeeGo ...

5.3CVSS6.9AI score0.00732EPSS
Exploits0References2
OSV
OSV
added 2023/11/10 11:6 a.m.5 views

OESA-2023-1791 qt5-qtbase security update

Qt is a software toolkit for developing applications. Security Fixes: An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server.CVE-2023-33285...

5.3CVSS7.2AI score0.00805EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/10/31 2:47 a.m.4 views

SUSE CVE-2015-9541

Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564...

7.5CVSS6.9AI score0.02489EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/09/21 12:0 a.m.13 views

The vulnerability of the `addApplicationFont{FromData}` function in the QFontDatabase class, a cross-platform framework for Qt software development, allows a attacker to cause a service failure.

The vulnerability of the addApplicationFontFromData function in the QFontDatabase class, a cross-platform framework for Qt software development, is related to improper cleaning or release of resources during font processing. Exploiting this vulnerability can allow an attacker to cause service...

3CVSS6.7AI score0.00249EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2023/09/20 11:26 p.m.19 views

SUSE CVE-2023-43114

An issue was discovered in Qt before 5.15.16, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3 on Windows. When using the GDI font engine, if a corrupted font is loaded via QFontDatabase::addApplicationFontFromData, then it can cause the application to crash because of missing length check...

5.5CVSS6.9AI score0.00249EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/09/18 7:15 a.m.4 views

CVE-2023-43114

An issue was discovered in Qt before 5.15.16, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3 on Windows. When using the GDI font engine, if a corrupted font is loaded via QFontDatabase::addApplicationFontFromData, then it can cause the application to crash because of missing length check...

5.5CVSS6.8AI score0.00249EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/09/04 12:0 a.m.7 views

The vulnerability of the QXmlStreamReader function in the cross-platform framework for Qt software development allows a attacker to cause a service failure.

The vulnerability of the QXmlStreamReader function in the cross-platform software development framework for Qt is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

7.8CVSS7.3AI score0.01273EPSS
Exploits0References18Affected Software10
BDU FSTEC
BDU FSTEC
added 2023/09/04 12:0 a.m.7 views

The vulnerability of the LoadLibrary function in the cross-platform framework for developing Qt software allows a perpetrator to gain access to protected information.

The vulnerability of the LoadLibrary function in the cross-platform framework for developing Qt software relates to the possibility of bypassing the directory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to protected information...

7.8CVSS7.3AI score0.0193EPSS
Exploits0References6Affected Software2
OSV
OSV
added 2023/09/02 11:5 a.m.4 views

OESA-2023-1580 qt security update

Qt pronounced as "cute", not "cu-tee" is a cross-platform framework that is usually used as a graphical toolkit, although it is also very helpful in creating CLI applications. It runs on the three major desktop OSes, as well as on mobile OSes, such as Symbian, Nokia Belle, Meego Harmattan, MeeGo ...

6.5CVSS6.8AI score0.00877EPSS
Exploits0References2
Talos Blog
Talos Blog
added 2023/08/24 12:2 p.m.95 views

Lazarus Group exploits ManageEngine vulnerability to deploy QuiteRAT

Cisco Talos discovered the North Korean state-sponsored actor Lazarus Group targeting internet backbone infrastructure and healthcare entities in Europe and the United States. This is the third documented campaign attributed to this actor in less than a year, with the actor reusing the same...

7.5CVSS10AI score0.99753EPSS
Exploits15
OSV
OSV
added 2023/08/20 7:15 a.m.2 views

DEBIAN-CVE-2023-37369

In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length...

7.5CVSS6.6AI score0.01553EPSS
Exploits1References1
OSV
OSV
added 2023/08/20 7:15 a.m.3 views

UBUNTU-CVE-2023-37369

In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length...

7.5CVSS6.8AI score0.01553EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/08/20 12:0 a.m.5 views

Qt 安全漏洞

Qt is a cross-platform C++ application development framework from the Norwegian company Qt. It is widely used to develop GUI programs, in which case it is also known as the widget toolkit. Can also be used to develop non-GUI programs, such as console tools and servers. A security vulnerability...

7.5CVSS6.9AI score0.01553EPSS
Exploits1References9
SUSE CVE
SUSE CVE
added 2023/08/16 11:19 p.m.4 views

SUSE CVE-2023-37369

In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length...

5.5CVSS6.9AI score0.01553EPSS
Exploits1References8
CNNVD
CNNVD
added 2023/08/11 12:0 a.m.5 views

Qt Input Validation Error Vulnerability

Qt is a cross-platform C++ application development framework from the Norwegian company Qt. It is widely used to develop GUI programs, in which case it is also known as the widget toolkit. It can also be used to develop non-GUI programs, such as console tools and servers. A security vulnerability...

5.5CVSS6.6AI score0.00266EPSS
Exploits1References2
Snyk
Snyk
added 2023/07/13 11:34 a.m.2 views

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop in recursive entity expansion. Remediation Upgrade qt to version 5.15.16, 6.5.3 or higher. References - qt Issue...

7.5CVSS7AI score0.01273EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/07/13 2:15 a.m.3 views

CVE-2023-38197

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion...

7.5CVSS6.9AI score0.01273EPSS
Exploits0References10
Rows per page
Query Builder