Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qt qt vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-45935
Qt 6 up to and including 6.6 exists to contain a NULL pointer dereference via the function QXcbConnection::initializeAllAtoms(). NOTE: this is disputed because it is not expected that an X application should continue to run when there is arbitrary anomalous behavior from the X se...
NA
CVE-2024-25580
An issue exists in gui/util/qktxhandler.cpp in Qt prior to 5.15.17, 6.x prior to 6.2.12, 6.3.x up to and including 6.5.x prior to 6.5.5, and 6.6.x prior to 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file.
NA
CVE-2024-30161
In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly (wasm). (Earlier and later versions are unaffected.)
9.8
CVSSv3
CVE-2023-51714
An issue exists in the HTTP2 implementation in Qt prior to 5.15.17, 6.x prior to 6.2.11, 6.3.x up to and including 6.5.x prior to 6.5.4, and 6.6.x prior to 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check.
Qt Qt
7.6
CVSSv3
CVE-2023-42801
Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit f57bd745b4cbed577ea654fad4701bea4d38b44c. A malicious game streaming server could exploit a buffer overflow vulnera...
Moonlight-stream Moonlight-common-c
Moonlight-stream Moonlight
Moonlight-stream Moonlight Embedded
Moonlight-stream Moonlight Xbox
Moonlight-stream Moonlight Tv
Moonlight-stream Moonlight Switch
Moonlight-stream Moonlight Vita
Moonlight-stream Moonlight Qt\\/pc
5.5
CVSSv3
CVE-2023-43114
An issue exists in Qt prior to 5.15.16, 6.x prior to 6.2.10, and 6.3.x up to and including 6.5.x prior to 6.5.3 on Windows. When using the GDI font engine, if a corrupted font is loaded via QFontDatabase::addApplicationFont{FromData], then it can cause the application to crash be...
Qt Qt
7.5
CVSSv3
CVE-2023-37369
In Qt prior to 5.15.15, 6.x prior to 6.2.9, and 6.3.x up to and including 6.5.x prior to 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length.
Qt Qt
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2021-28025
Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and 6.2, allows local malicious users to cause a denial of service (DoS).
Qt Qt 6.2.0
Qt Qt 5.15.1
Qt Qt 6.0.2
Qt Qt 6.0.0
4.3
CVSSv3
CVE-2023-37855
In PHOENIX CONTACTs WP 6xxx series web panels in versions before 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem within the embedded Qt browser.
Phoenixcontact Wp 6070-wvps Firmware
Phoenixcontact Wp 6101-wxps Firmware
Phoenixcontact Wp 6121-wxps Firmware
Phoenixcontact Wp 6156-whps Firmware
Phoenixcontact Wp 6185-whps Firmware
Phoenixcontact Wp 6215-whps Firmware
4.3
CVSSv3
CVE-2023-37856
In PHOENIX CONTACTs WP 6xxx series web panels in versions before 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem through a configuration dialog within the embedded Qt browser .
Phoenixcontact Wp 6070-wvps Firmware
Phoenixcontact Wp 6101-wxps Firmware
Phoenixcontact Wp 6121-wxps Firmware
Phoenixcontact Wp 6156-whps Firmware
Phoenixcontact Wp 6185-whps Firmware
Phoenixcontact Wp 6215-whps Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »