Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qt qt vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2015-1860
Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt prior to 4.8.7 and 5.x prior to 5.4.2 allow remote malicious users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image.
Fedoraproject Fedora 22
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Digia Qt
Qt Qt 5.4.1
Qt Qt 5.0.0
Qt Qt 5.0.2
Qt Qt 5.0.1
Qt Qt 5.2.0
Qt Qt 5.1.0
Qt Qt 5.3.0
Qt Qt 5.2.1
NA
CVE-2021-3481
A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. ...
Qt Qt 5.15.1
Qt Qt 6.0.2
Qt Qt 6.0.0
Qt Qt 6.2.0
1 Github repository
NA
CVE-2021-28025
Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and 6.2, allows local malicious users to cause a denial of service (DoS).
Qt Qt 6.2.0
Qt Qt 5.15.1
Qt Qt 6.0.2
Qt Qt 6.0.0
7.5
CVSSv2
CVE-2007-4137
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent malicious users to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::conve...
Trolltech Qt 3.0
Trolltech Qt 3.0.3
Trolltech Qt 3.0.5
Trolltech Qt 3.1
Trolltech Qt 3.1.1
Trolltech Qt 3.1.2
Trolltech Qt 3.2.1
Trolltech Qt 3.2.3
Trolltech Qt 3.3.0
Trolltech Qt 3.3.1
Trolltech Qt 3.3.2
Trolltech Qt 3.3.3
Trolltech Qt 3.3.4
Trolltech Qt 3.3.5
Trolltech Qt 3.3.6
Trolltech Qt 3.3.7
Trolltech Qt 3.3.8
Trolltech Qt 4.1
Trolltech Qt 4.1.4
Trolltech Qt 4.1.5
Trolltech Qt 4.2
Trolltech Qt 4.2.1
4.6
CVSSv2
CVE-2005-0627
Qt prior to 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs.
Trolltech Qt 3.0.3
Trolltech Qt 3.1
Trolltech Qt 3.3.2
Trolltech Qt 3.1.1
Trolltech Qt 3.1.2
Trolltech Qt 3.2.1
Trolltech Qt 3.2.3
Trolltech Qt 3.3.0
Trolltech Qt 3.0
Trolltech Qt 3.0.5
Trolltech Qt 3.3.1
Trolltech Qt 3.3.3
4.3
CVSSv2
CVE-2007-0242
The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remote malicious users to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous ...
Qt Qt 3.3.8
Qt Qt 4.2.3
5
CVSSv2
CVE-2018-19865
A keystroke logging issue exists in Virtual Keyboard in Qt 5.7.x, 5.8.x, 5.9.x, 5.10.x, and 5.11.x prior to 5.11.3.
Qt Qt
Qt Qt 5.8.0
Opensuse Leap 15.0
6.9
CVSSv2
CVE-2010-3374
Qt Creator prior to 2.0.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Nokia Qt Creator 2.0.0
Nokia Qt Creator 1.3.1
Nokia Qt Creator 1.1.0
Nokia Qt Creator 0.9.2
Nokia Qt Creator 1.3.0
Nokia Qt Creator 1.2.90
Nokia Qt Creator 1.2.0
Nokia Qt Creator
Nokia Qt Creator 1.0.0
Nokia Qt Creator 0.9.1
5
CVSSv2
CVE-2013-4549
QXmlSimpleReader in Qt prior to 5.2 allows context-dependent malicious users to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE) attack.
Digia Qt
Qt Qt 5.0.2
5.1
CVSSv2
CVE-2015-7298
ownCloud Desktop Client prior to 2.0.1, when compiled with a Qt release after 5.3.x, does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, which makes it easier for remote malicious users to conduct man-in-the-middle (MITM) attacks by leveraging a se...
Owncloud Owncloud Desktop Client
Qt Qt 5.4.1
Qt Qt 5.3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »