
44 matches found

AstraLinux
added 2026/05/20 5:53 a.m. | 8 views

Astra Linux – Vulnerability in Qt4-X11, qtsvg-opensource-src

In Qt versions prior to 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, the initialization of m_unitsPerEm in QtSvg QSvgFont is handled incorrectly...

CVSS 6.5 | AI score 6.3 | EPSS 0.00877
Exploits: 0 | References: 2

Tenable Nessus
added 2025/11/20 12:0 a.m. | 14 views

TencentOS Server 2: webkitgtk4 (TSSA-2025:0554)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to the tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0554 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

CVSS 10 | AI score 7.9 | EPSS 0.77246
Exploits: 40 | References: 226

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2010-1843

Malware in sbrugna...

CVSS 9.3 | AI score 8.3 | EPSS 0.03284
Exploits: 1 | References: 14

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2011-0994

Malware in sbrugna...

CVSS 10 | AI score 6.1 | EPSS 0.02631
Exploits: 1 | References: 7

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2024-3555

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 6.2 | EPSS 0.00603
Exploits: 0 | References: 5

Tenable Nessus
added 2025/08/26 12:0 a.m. | 3 views

SUSE SLES12: libqt4 / libqt4-32bit / libqt4-devel / libqt4-devel-doc / etc (SUSE-SU-2025:02968-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02968-1 advisory.
- CVE-2021-45930: Fixed out-of-bounds write leading to DoS (bsc#1196654)
- CVE-2023-32573: Fixed missing initialization of QtSvg QSvgFont...

CVSS 8.4 | AI score 6.9 | EPSS 0.01343
Exploits: 2 | References: 27

RedHat Linux
added 2025/07/07 2:28 a.m. | 4 views

webkitgtk: Processing a file may lead to a denial of service or potentially disclose memory contents

A use-after-free vulnerability was found in the SVG implementation within WebKitGTK. This flaw allows remote attackers to exploit the removal of an SVGFontFaceElement object, which occurs through specific vectors that trigger the deletion of the object during rendering...

CVSS 7.5 | AI score 7.4 | EPSS 0.01667
Exploits: 0 | References: 5

Amazon
added 2025/04/30 12:0 a.m. | 5 views

Medium: qt

Issue Overview: In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled. (CVE-2023-32573) Affected Packages: qt Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ secti...

CVSS 6.5 | AI score 7 | EPSS 0.00877
Exploits: 0

OpenVAS
added 2025/02/13 12:0 a.m. | 12 views

Mageia: Security Advisory (MGASA-2025-0059)

The remote host is missing an update for the...

CVSS 9.8 | AI score 7.1 | EPSS 0.00748
Exploits: 1 | References: 4

OSV
added 2025/02/12 9:31 p.m. | 11 views

MGASA-2025-0059 Updated php-tcpdf packages fix security vulnerabilities

An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute. (CVE-2024-56519) An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely. (CVE-2024-56521) An issue was discovered in...

CVSS 9.8 | AI score 7.3 | EPSS 0.00748
Exploits: 1 | References: 3

NVD
added 2024/12/27 5:15 a.m. | 17 views

CVE-2024-56519

An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute...

CVSS 7.5 | EPSS 0.00603
Exploits: 0 | References: 4

OSV
added 2024/12/27 5:15 a.m. | 12 views

CVE-2024-56519

An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute...

CVSS 7.5 | AI score 6.7
Exploits: 0 | References: 4

OSV
added 2024/12/27 5:15 a.m. | 3 views

UBUNTU-CVE-2024-56519

An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute...

CVSS 7.5 | AI score 5.8 | EPSS 0.00603
Exploits: 0 | References: 5

CNNVD
added 2024/12/27 12:0 a.m. | 2 views

TCPDF security vulnerability

TCPDF is an open source library from Tecnick. It is used to generate PDF documents and barcodes. A security vulnerability exists in versions of TCPDF prior to 6.8.0 because setSVGStyles does not sanitize the SVG font-family attribute...

CVSS 7.5 | AI score 6.4 | EPSS 0.00603
Exploits: 0 | References: 3

Vulnrichment
added 2024/12/27 12:0 a.m. | 12 views

CVE-2024-56519

An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute...

AI score 6.8 | EPSS 0.00603
Exploits: 0 | References: 3

Veracode
added 2024/01/10 6:41 a.m. | 21 views

XML External Entity Injection

fonttools is vulnerable to XML External Entity Injection. The vulnerability is due to a misconfigured XML parser which allows external entities to be included in an OT-SVG font. This issue can be exploited by an attacker by building an OT-SVG font which includes XML external entities, resulting in...

CVSS 7.5 | AI score 6.3 | EPSS 0.01228
Exploits: 1 | References: 7 | Affected Software: 1

BDU FSTEC
added 2023/09/04 12:0 a.m. | 5 views

The vulnerability of the QSvgFont function (Qt SVG) in the cross-platform framework for developing Qt software allows a perpetrator to trigger a service failure.

The vulnerability of the QSvgFont function (Qt SVG) in the cross-platform framework for Qt software development is related to the possibility of bypassing the catalog. Exploiting this vulnerability can allow a malicious actor to cause service failures...

CVSS 7.8 | AI score 7.1 | EPSS 0.00877
Exploits: 0 | References: 14 | Affected Software: 9

OSV
added 2023/09/02 11:5 a.m. | 2 views

OESA-2023-1579 qt security update

Qt (pronounced as "cute", not "cu-tee") is a cross-platform framework that is usually used as a graphical toolkit, although it is also very helpful in creating CLI applications. It runs on the three major desktop OSes, as well as on mobile OSes, such as Symbian, Nokia Belle, Meego Harmattan, MeeGo ...

CVSS 6.5 | AI score 6.8 | EPSS 0.00877
Exploits: 0 | References: 2

OSV
added 2023/05/10 6:15 a.m. | 5 views

AZL-26670 CVE-2023-32573 affecting package qt5-qtsvg for versions less than 5.15.9-1

In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled...

CVSS 6.5 | AI score 7 | EPSS 0.00877
Exploits: 0 | References: 1

OSV
added 2023/05/10 6:15 a.m. | 4 views

UBUNTU-CVE-2023-32573

In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled...

CVSS 6.5 | AI score 6.9 | EPSS 0.00877
Exploits: 0 | References: 4