Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qt qt vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-21035
In Qt up to and including 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for malicious users to cause a denial of service (memory consumption).
Qt Qt
7.8
CVSSv3
CVE-2020-24742
An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing malicious users to execute arbitrary code via crafted files.
Qt Qt
7.5
CVSSv3
CVE-2023-38197
An issue exists in Qt prior to 5.15.15, 6.x prior to 6.2.10, and 6.3.x up to and including 6.5.x prior to 6.5.3. There are infinite loops in recursive entity expansion.
Qt Qt
7.5
CVSSv3
CVE-2023-24607
Qt prior to 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x prior to 5.15.13, 6.x prior to 6.2.8, and 6.3.x prior to 6.4.3.
Qt Qt
9.8
CVSSv3
CVE-2023-51714
An issue exists in the HTTP2 implementation in Qt prior to 5.15.17, 6.x prior to 6.2.11, 6.3.x up to and including 6.5.x prior to 6.5.4, and 6.6.x prior to 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check.
Qt Qt
5.5
CVSSv3
CVE-2023-43114
An issue exists in Qt prior to 5.15.16, 6.x prior to 6.2.10, and 6.3.x up to and including 6.5.x prior to 6.5.3 on Windows. When using the GDI font engine, if a corrupted font is loaded via QFontDatabase::addApplicationFont{FromData], then it can cause the application to crash be...
Qt Qt
5.3
CVSSv3
CVE-2023-32762
An issue exists in Qt prior to 5.15.14, 6.x prior to 6.2.9, and 6.3.x up to and including 6.5.x prior to 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the se...
Qt Qt
7.5
CVSSv3
CVE-2023-32763
An issue exists in Qt prior to 5.15.15, 6.x prior to 6.2.9, and 6.3.x up to and including 6.5.x prior to 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.
Qt Qt
7.5
CVSSv3
CVE-2022-25634
Qt up to and including 5.15.8 and 6.x up to and including 6.2.3 can load system library files from an unintended working directory.
Qt Qt
9.8
CVSSv3
CVE-2017-10904
Qt for Android before 5.9.0 allows remote malicious users to execute arbitrary OS commands via unspecified vectors.
Qt Qt
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »