44 matches found
Astra Linux – Vulnerability in Qt4-X11, qtsvg-opensource-src
In Qt versions prior to 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, the initialization of m_unitsPerEm in QtSvg QSvgFont is handled incorrectly...
TencentOS Server 2: webkitgtk4 (TSSA-2025:0554)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0554 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
EUVD-2010-1843
Malware in sbrugna...
EUVD-2011-0994
Malware in sbrugna...
EUVD-2024-3555
Malicious code in bioql PyPI...
SUSE SLES12: libqt4 / libqt4-32bit / libqt4-devel / libqt4-devel-doc / etc (SUSE-SU-2025:02968-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02968-1 advisory. - CVE-2021-45930: Fixed out-of-bounds write leading to DoS (bsc#1196654) - CVE-2023-32573: Fixed missing initialization of QtSvg QSvgFont...
webkitgtk: Processing a file may lead to a denial of service or potentially disclose memory contents
A use-after-free vulnerability was found in the SVG implementation within WebKitGTK. This flaw allows remote attackers to exploit the removal of an SVGFontFaceElement object, which occurs through specific vectors that trigger the deletion of the object during rendering...
Medium: qt
Issue Overview: In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled. (CVE-2023-32573) Affected Packages: qt Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ secti...
Mageia: Security Advisory (MGASA-2025-0059)
The remote host is missing an update for the...
MGASA-2025-0059 Updated php-tcpdf packages fix security vulnerabilities
An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute. (CVE-2024-56519) An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely. (CVE-2024-56521) An issue was discovered in...
CVE-2024-56519
An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute...
UBUNTU-CVE-2024-56519
An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute...
TCPDF security vulnerability
TCPDF is an open source library from Tecnick. It is used to generate PDF documents and barcodes. A security vulnerability exists in versions of TCPDF prior to 6.8.0 that stems from setSVGStyles not sanitizing the SVG font-family attribute...
XML External Entity Injection
fonttools is vulnerable to XML External Entity Injection. The vulnerability is due to a misconfigured XML parser which allows external entities to be included in an OT-SVG font. This issue can be exploited by an attacker by building an OT-SVG font which includes XML external entities, resulting in...
The vulnerability of the QSvgFont function (Qt SVG) in the cross-platform framework for developing Qt software allows a perpetrator to trigger a service failure.
The vulnerability of the QSvgFont function (Qt SVG) in the cross-platform framework for Qt software development is related to the possibility of bypassing the catalog. Exploiting this vulnerability can allow a malicious actor to cause service failures...
OESA-2023-1579 qt security update
Qt (pronounced as "cute", not "cu-tee") is a cross-platform framework that is usually used as a graphical toolkit, although it is also very helpful in creating CLI applications. It runs on the three major desktop OSes, as well as on mobile OSes, such as Symbian, Nokia Belle, Meego Harmattan, MeeGo ...
AZL-26670 CVE-2023-32573 affecting package qt5-qtsvg for versions less than 5.15.9-1
In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled...
UBUNTU-CVE-2023-32573
In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled...