Astra Linux - уязвимость в qt4-x11, qtbase-opensource-src

In Qt versions prior to 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there may be an application crash in QXmlStreamReader due to a crafted XML string, causing a situation where a prefix is greater than a certain length...

EUVD-2015-9381

Malware in sbrugna...

EUVD-2023-41271

Malicious code in bioql PyPI...

Qt: Buffer Overflow

Background Qt is a cross-platform application development framework. Description When given specifically crafted data then QXmlStreamReader can end up causing a buffer overflow and subsequently a crash or freeze or get out of memory on recursive entity expansion, with DTD tokens in XML body. Impa...

Debian dla-3805 : libqt5concurrent5 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3805 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3805-1 [email protected]...

Important: qt5-qtbase

Issue Overview: Potential buffer overflow issue in QXmlStreamReader. When given specifically crafted data then QXmlStreamReader can end up causing a buffer overflow and subsequently a crash. CVE-2023-37369 Affected Packages: qt5-qtbase Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

Important: qt5-qtbase

Issue Overview: Potential buffer overflow issue in QXmlStreamReader. When given specifically crafted data then QXmlStreamReader can end up causing a buffer overflow and subsequently a crash. CVE-2023-37369 Affected Packages: qt5-qtbase Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

Amazon Linux 2 : qt5-qtbase (ALAS-2024-2533)

The version of qt5-qtbase installed on the remote host is prior to 5.9.2-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2533 advisory. Potential buffer overflow issue in QXmlStreamReader.When given specifically crafted data then QXmlStreamReader can end up causin...

openSUSE: Security Advisory for libqt5 (SUSE-SU-2023:4951-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : qt5-qtbase (EulerOS-SA-2023-3155)

According to the versions of the qt5-qtbase packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does no...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libqt5-qtbase (SUSE-SU-2023:4951-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4951-1 advisory. - In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an applicati...

OESA-2023-1878 qt security update

Qt pronounced as "cute", not "cu-tee" is a cross-platform framework that is usually used as a graphical toolkit, although it is also very helpful in creating CLI applications. It runs on the three major desktop OSes, as well as on mobile OSes, such as Symbian, Nokia Belle, Meego Harmattan, MeeGo ...

Oracle Linux 8 : qt5-qtbase (ELSA-2023-6967)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6967 advisory. - Fix infinite loops in QXmlStreamReader CVE-2023-38197 Resolves: bz2222770 - Don't allow remote attacker to bypass security restrictions caused by fla...

Oracle Linux 9 : qt5 (ELSA-2023-6369)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6369 advisory. - Fix infinite loops in QXmlStreamReader CVE-2023-38197 Resolves: bz2222771 - Don't allow remote attacker to bypass security restrictions caused by fla...

qtbase: infinite loops in QXmlStreamReader

A vulnerability was found in Qtbase, where it is vulnerable to a denial of service caused by an infinite loop flaw in the QXmlStreamReader function. This flaw occurs because the QXmlStreamReader function accepts multiple DOCTYPE elements containing DTD fragments in the XML prolog and the XML body...

qtbase: buffer overflow in QXmlStreamReader

A flaw was found in the qtbase package. When given specifically crafted data, the QXmlStreamReader can end up causing a buffer overflow and, subsequently, a crash...

Huawei EulerOS: Security Advisory for qt5-qtbase (EulerOS-SA-2023-3155)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

qtbase: buffer overflow in QXmlStreamReader

A flaw was found in the qtbase package. When given specifically crafted data, the QXmlStreamReader can end up causing a buffer overflow and, subsequently, a crash...

qtbase: infinite loops in QXmlStreamReader

A vulnerability was found in Qtbase, where it is vulnerable to a denial of service caused by an infinite loop flaw in the QXmlStreamReader function. This flaw occurs because the QXmlStreamReader function accepts multiple DOCTYPE elements containing DTD fragments in the XML prolog and the XML body...

RHEL 9 : qt5 (RHSA-2023:6369)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6369 advisory. Qt is a software toolkit for developing applications. Security Fixes: qt: buffer over-read via a crafted reply from a DNS server...