Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qt qt vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-51714
An issue exists in the HTTP2 implementation in Qt prior to 5.15.17, 6.x prior to 6.2.11, 6.3.x up to and including 6.5.x prior to 6.5.4, and 6.6.x prior to 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check.
Qt Qt
7.5
CVSSv3
CVE-2018-21035
In Qt up to and including 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for malicious users to cause a denial of service (memory consumption).
Qt Qt
7.8
CVSSv3
CVE-2022-25255
In Qt 5.9.x up to and including 5.15.x prior to 5.15.9 and 6.x prior to 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.
Qt Qt
5.3
CVSSv3
CVE-2023-32762
An issue exists in Qt prior to 5.15.14, 6.x prior to 6.2.9, and 6.3.x up to and including 6.5.x prior to 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the se...
Qt Qt
7.5
CVSSv3
CVE-2023-32763
An issue exists in Qt prior to 5.15.15, 6.x prior to 6.2.9, and 6.3.x up to and including 6.5.x prior to 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.
Qt Qt
7.8
CVSSv3
CVE-2020-24742
An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing malicious users to execute arbitrary code via crafted files.
Qt Qt
5.5
CVSSv3
CVE-2023-43114
An issue exists in Qt prior to 5.15.16, 6.x prior to 6.2.10, and 6.3.x up to and including 6.5.x prior to 6.5.3 on Windows. When using the GDI font engine, if a corrupted font is loaded via QFontDatabase::addApplicationFont{FromData], then it can cause the application to crash be...
Qt Qt
5.3
CVSSv3
CVE-2023-34410
An issue exists in Qt prior to 5.15.15, 6.x prior to 6.2.9, and 6.3.x up to and including 6.5.x prior to 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.
Qt Qt
7.5
CVSSv3
CVE-2022-25634
Qt up to and including 5.15.8 and 6.x up to and including 6.2.3 can load system library files from an unintended working directory.
Qt Qt
7.5
CVSSv3
CVE-2023-24607
Qt prior to 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x prior to 5.15.13, 6.x prior to 6.2.8, and 6.3.x prior to 6.4.3.
Qt Qt
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »