Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qt qt vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2022-25255
In Qt 5.9.x up to and including 5.15.x prior to 5.15.9 and 6.x prior to 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.
Qt Qt
NA
CVE-2023-24607
Qt prior to 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x prior to 5.15.13, 6.x prior to 6.2.8, and 6.3.x prior to 6.4.3.
Qt Qt
6.8
CVSSv2
CVE-2020-24742
An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing malicious users to execute arbitrary code via crafted files.
Qt Qt
7.5
CVSSv2
CVE-2017-10904
Qt for Android before 5.9.0 allows remote malicious users to execute arbitrary OS commands via unspecified vectors.
Qt Qt
6.8
CVSSv2
CVE-2017-10905
A vulnerability in applications created using Qt for Android before 5.9.3 allows malicious users to alter environment variables via unspecified vectors.
Qt Qt
5
CVSSv2
CVE-2022-25634
Qt up to and including 5.15.8 and 6.x up to and including 6.2.3 can load system library files from an unintended working directory.
Qt Qt
NA
CVE-2023-34410
An issue exists in Qt prior to 5.15.15, 6.x prior to 6.2.9, and 6.3.x up to and including 6.5.x prior to 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.
Qt Qt
NA
CVE-2023-33285
An issue exists in Qt 5.x prior to 5.15.14, 6.x prior to 6.2.9, and 6.3.x up to and including 6.5.x prior to 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server.
Qt Qt
NA
CVE-2023-51714
An issue exists in the HTTP2 implementation in Qt prior to 5.15.17, 6.x prior to 6.2.11, 6.3.x up to and including 6.5.x prior to 6.5.4, and 6.6.x prior to 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check.
Qt Qt
5
CVSSv2
CVE-2018-21035
In Qt up to and including 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for malicious users to cause a denial of service (memory consumption).
Qt Qt
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »