18 matches found
EUVD-2022-44229
Malicious code in bioql PyPI...
CVE-2022-43591
A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an out-of-bounds memory access, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this...
Regarding recent reported security vulnerabilities from Cisco Talos
Back in October 2022, the Qt Project Security team was contacted by someone at Cisco Talos to report an issue with integer and buffer overflow issues in QML which they considered a vulnerability in Qt 6.3. This has recently been made public by Cisco Talos here. This has also resulted in two CVEs ...
CVE-2022-40983
An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. Target application would need to access a malicious web page t...
CVE-2022-43591
A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an out-of-bounds memory access, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this...
CVE-2022-43591
A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an out-of-bounds memory access, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this...
CVE-2022-40983
An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. Target application would need to access a malicious web page t...
CVE-2022-43591
A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an out-of-bounds memory access, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this...
Integer overflow
An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. Target application would need to access a malicious web page t...
CVE-2022-40983
An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. Target application would need to access a malicious web page t...
CVE-2022-40983
An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. Target application would need to access a malicious web page t...
CVE-2022-43591
A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an out-of-bounds memory access, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this...
CVE-2022-43591
A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an out-of-bounds memory access, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this...
CVE-2022-43591
Summary: CVE-2022-43591 is a buffer overflow in the QML QtScript Reflect API of Qt 6.3.2. A specially crafted JavaScript payload can trigger out‑of‑bounds memory access and, as described, can lead to arbitrary code execution when a target application visits a malicious page. Affected component: Q...
Qt Project Qt QML QtScript Reflect API integer overflow vulnerability
Talos Vulnerability Report TALOS-2022-1617 Qt Project Qt QML QtScript Reflect API integer overflow vulnerability January 12, 2023 CVE Number CVE-2022-40983 SUMMARY An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code...
Qt Project Qt QML QtScript Javascript spreading buffer overflow vulnerability
Talos Vulnerability Report TALOS-2022-1650 Qt Project Qt QML QtScript Javascript spreading buffer overflow vulnerability January 12, 2023 CVE Number CVE-2022-43591 SUMMARY A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript...
Security advisory: QLockFile, QAuthenticator, Windows platform plugin
Recently, the Qt Project's security team was made aware of an issue regarding Qt's usage of LoadLibrary in a few locations and determined it to be a security issue on Windows only. Specifically, the problem is connected to when LoadLibrary is used to load a system library, such as opengl.dll as...
Fedora 19 : qt-4.8.5-15.fc19 (2013-22932)
Qt Project Security Advisory: XML Entity Expansion Denial of Service CVE-2013-4549 See also http://lists.qt-project.org/pipermail/announce/2013-December/000036.html In addition, this update: - adds support for the aarch64 architecture, - fixes QTBUG-35459, a too low character limit for XML...