Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qt qt 4.2.3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-5624
The XMLHttpRequest object in Qt prior to 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle malicious users to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application.
Qt Qt 4.2.3
Digia Qt
Qt Qt 1.41
Qt Qt 1.44
Qt Qt 1.45
Qt Qt 1.42
Qt Qt 1.43
Qt Qt 2.0.0
Qt Qt 3.3.0
Qt Qt 2.0.1
Qt Qt 2.0.2
Qt Qt 3.3.3
Qt Qt 3.3.4
Qt Qt 3.3.1
Qt Qt 3.3.2
Qt Qt 4.0.1
Qt Qt 4.1.0
Qt Qt 3.3.5
Qt Qt 3.3.6
Qt Qt 4.1.3
Qt Qt 4.1.4
Qt Qt 4.1.1
NA
CVE-2013-0254
The QSharedMemory class in Qt 5.0.0, 4.8.x prior to 4.8.5, 4.7.x prior to 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read sensitive information or modify critical prog...
Qt Qt 1.41
Qt Qt 1.44
Qt Qt 1.45
Qt Qt 1.42
Qt Qt 1.43
Qt Qt 2.0.0
Qt Qt 2.0.1
Qt Qt 2.0.2
Qt Qt 3.3.4
Qt Qt 3.3.5
Qt Qt 3.3.6
Qt Qt 3.3.2
Qt Qt 3.3.3
Qt Qt 3.3.0
Qt Qt 3.3.1
Qt Qt 4.1.2
Qt Qt 4.1.3
Qt Qt 4.1.4
Qt Qt 4.1.5
Qt Qt 4.1.0
Qt Qt 4.1.1
Qt Qt 4.0.0
NA
CVE-2010-5076
QSslSocket in Qt prior to 4.7.0-rc1 recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle malicious users to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification ...
Digia Qt
Qt Qt 4.6.3
Qt Qt 4.6.2
Qt Qt 4.3.1
Qt Qt 4.3.0
Qt Qt 4.3.4
Qt Qt 4.3.5
Qt Qt 4.6.0
Qt Qt 4.5.2
Qt Qt 4.4.3
Qt Qt 4.3.2
Qt Qt 4.2.3
Qt Qt 4.2.0
Qt Qt 4.0.1
Qt Qt 4.5.0
Qt Qt 4.5.1
Qt Qt 4.4.0
Qt Qt 4.4.1
Qt Qt 4.1.0
Qt Qt 4.1.4
Qt Qt 4.1.3
Qt Qt 4.1.2
NA
CVE-2010-2621
The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and previous versions allows remote malicious users to cause a denial of service (infinite loop) via a malformed request.
Qt Qt 4.6.0
Qt Qt 4.5.2
Qt Qt 4.5.3
Qt Qt 4.5.0
Qt Qt 4.2.0
Qt Qt 4.1.5
Qt Qt 4.1.0
Qt Qt 4.1.4
Digia Qt
Qt Qt 4.6.1
Qt Qt 4.4.0
Qt Qt 4.4.2
Qt Qt 4.3.5
Qt Qt 4.2.1
Qt Qt 4.1.3
Qt Qt 4.1.1
Qt Qt 4.3.3
Qt Qt 4.3.2
Qt Qt 4.3.1
Qt Qt 4.3.0
Qt Qt 4.0.0
Qt Qt 4.6.2
1 EDB exploit
NA
CVE-2009-2700
src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle malicious users to spoof arbitrary SSL servers via a cr...
Qt Qt 4.7.3
Qt Qt 4.7.2
Qt Qt 4.0.0
Qt Qt 4.7.4
Qt Qt 4.3.4
Qt Qt 4.3.5
Qt Qt 4.5.0
Qt Qt 4.5.1
Qt Qt 4.4.2
Qt Qt 4.1.2
Qt Qt 4.1.1
Qt Qt 4.8.2
Qt Qt 4.7.1
Qt Qt 4.2.0
Qt Qt 4.6.0
Qt Qt 4.6.1
Qt Qt 4.4.0
Qt Qt 4.4.3
Qt Qt 4.2.1
Qt Qt 4.0.1
Qt Qt 4.1.3
Qt Qt 4.8.1
NA
CVE-2007-4137
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent malicious users to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::conve...
Trolltech Qt 3.0
Trolltech Qt 3.0.3
Trolltech Qt 3.0.5
Trolltech Qt 3.1
Trolltech Qt 3.1.1
Trolltech Qt 3.1.2
Trolltech Qt 3.2.1
Trolltech Qt 3.2.3
Trolltech Qt 3.3.0
Trolltech Qt 3.3.1
Trolltech Qt 3.3.2
Trolltech Qt 3.3.3
Trolltech Qt 3.3.4
Trolltech Qt 3.3.5
Trolltech Qt 3.3.6
Trolltech Qt 3.3.7
Trolltech Qt 3.3.8
Trolltech Qt 4.1
Trolltech Qt 4.1.4
Trolltech Qt 4.1.5
Trolltech Qt 4.2
Trolltech Qt 4.2.1
NA
CVE-2007-0242
The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remote malicious users to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous ...
Qt Qt 3.3.8
Qt Qt 4.2.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started