Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qt qtbase vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2019-18281
An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x prior to 5.12.5 allows malicious users to cause a denial of service by crashing an application via a text file containing many directional characters.
Qt Qtbase
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5.3
CVSSv3
CVE-2023-32762
An issue exists in Qt prior to 5.15.14, 6.x prior to 6.2.9, and 6.3.x up to and including 6.5.x prior to 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the se...
Qt Qt
7.5
CVSSv3
CVE-2023-32763
An issue exists in Qt prior to 5.15.15, 6.x prior to 6.2.9, and 6.3.x up to and including 6.5.x prior to 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.
Qt Qt
7.1
CVSSv3
CVE-2021-3481
A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. ...
Qt Qt 5.15.1
Qt Qt 6.0.2
Qt Qt 6.0.0
Qt Qt 6.2.0
1 Github repository
NA
CVE-2015-1858
Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt prior to 4.8.7 and 5.x prior to 5.4.2 allow remote malicious users to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted BMP image.
Digia Qt
Qt Qt 5.3.0
Qt Qt 5.4.1
Qt Qt 5.0.0
Qt Qt 5.0.1
Qt Qt 5.2.0
Qt Qt 5.2.1
Qt Qt 5.0.2
Qt Qt 5.1.0
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Fedoraproject Fedora 22
NA
CVE-2015-1859
Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt prior to 4.8.7 and 5.x prior to 5.4.2 allow remote malicious users to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO im...
Fedoraproject Fedora 22
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Digia Qt
Qt Qt 5.0.0
Qt Qt 5.4.1
Qt Qt 5.2.1
Qt Qt 5.3.0
Qt Qt 5.1.0
Qt Qt 5.2.0
Qt Qt 5.0.1
Qt Qt 5.0.2
NA
CVE-2015-1860
Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt prior to 4.8.7 and 5.x prior to 5.4.2 allow remote malicious users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image.
Fedoraproject Fedora 22
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Digia Qt
Qt Qt 5.4.1
Qt Qt 5.0.0
Qt Qt 5.0.2
Qt Qt 5.0.1
Qt Qt 5.2.0
Qt Qt 5.1.0
Qt Qt 5.3.0
Qt Qt 5.2.1
7.5
CVSSv3
CVE-2015-9541
Qt up to and including 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564.
Qt Qt
Fedoraproject Fedora 31
Fedoraproject Fedora 32
NA
CVE-2013-4549
QXmlSimpleReader in Qt prior to 5.2 allows context-dependent malicious users to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE) attack.
Digia Qt
Qt Qt 5.0.2
5.3
CVSSv3
CVE-2020-17507
An issue exists in Qt up to and including 5.12.9, and 5.13.x up to and including 5.15.x prior to 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read.
Qt Qt
Debian Debian Linux 9.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »