91 matches found
Astra Linux - уязвимость в qtbase-opensource-src
A issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read issue due to a crafted reply from a DNS server...
Qt SVG 安全漏洞
Qt SVG is a graphics processing module developed by the Qt company. Versions of Qt SVG from 6.7.0 to 6.8.8, as well as versions from 6.9.0 to 6.11.1, have security vulnerabilities. These vulnerabilities stem from type confusion during the processing of SVG markup references, which may lead to...
Astra Linux - уязвимость в qtbase-opensource-src
A issue was discovered in the private API function qDecodeDataUrl within QtCore, which is used in QTextDocument and QNetworkReply, and potentially in user code as well. If this function is called with malformed data—for example, a URL that contains a “charset” parameter without a value e.g.,...
Azure Linux 3.0 Security Update: qtbase (CVE-2024-30161)
The version of qtbase installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-30161 advisory. - In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for...
Amazon Linux 2 : qt5-qtbase, --advisory ALAS2-2025-3102 (ALAS-2025-3102)
The version of qt5-qtbase installed on the remote host is prior to 5.15.3-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3102 advisory. Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Q...
CVE-2025-12385
CVE-2025-12385 affects the Qt Text component in Qt Quick across Windows, macOS, Linux, iOS, Android (Qt 5.0.0–6.5.10, 6.6.0–6.8.5, 6.9.0–6.10.0). Root cause: missing validation of width/height in the tag in the Text parser, allowing excessive resource allocation and potentially an unresponsive a...
CVE-2025-12385 Improper validation of <img> tag size in Text component parser
Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick...
EUVD-2018-11539
Malware in sbrugna...
EUVD-2023-41271
Malicious code in bioql PyPI...
EUVD-2024-38310
Malicious code in bioql PyPI...
EUVD-2025-16968
Malicious code in bioql PyPI...
EUVD-2023-37450
Malicious code in bioql PyPI...
EUVD-2025-28000
Malicious code in bioql PyPI...
EUVD-2023-38488
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-13962
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2024-39936
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make...
MGASA-2025-0208 Updated qtimageformats6 packages fix security vulnerabilities
Loading a specifically-crafted ICNS format image file in QImage will trigger a crash. This issue affects Qt from versions 6.3.0 through 6.5.9, from 6.6.0 through 6.8.4, 6.9.0...
Mageia: Security Advisory (MGASA-2025-0208)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2025-5992
When passing values outside of the expected range to QColorTransferGenericFunction it can cause a denial of service, for example, this can happen when passing a specifically crafted ICC profile to QColorSpace::fromICCProfile.This issue affects Qt from 6.6.0 through 6.8.3, from 6.9.0 through 6.9.1...
OESA-2025-1794 qt6-qtimageformats security update
Security Fixes: When loading a specifically crafted ICNS format image file in QImage then it will trigger a crash. This issue affects Qt from versions 6.3.0 through 6.5.9, from 6.6.0 through 6.8.4, 6.9.0. This is fixed in 6.5.10, 6.8.5 and 6.9.1.CVE-2025-5683...