Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qt qt vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2020-17507
An issue exists in Qt up to and including 5.12.9, and 5.13.x up to and including 5.15.x prior to 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read.
Qt Qt
Debian Debian Linux 9.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
7.5
CVSSv3
CVE-2020-13962
Qt 5.12.2 up to and including 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session may be discon...
Mumble Mumble 1.3.0
Qt Qt
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.2
9.8
CVSSv3
CVE-2020-12267
setMarkdown in Qt prior to 5.14.2 has a use-after-free related to QTextMarkdownImporter::insertBlock.
Qt Qt 5.14.1
6.5
CVSSv3
CVE-2016-11034
An issue exists on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. The decode function in Qjpeg in Qt 5.7 allows malicious users to trigger a system crash via a malformed image. The Samsung ID is SVE-2016-6560 (October 2016).
Google Android 5.0
Google Android 5.1
Google Android 6.0
7.8
CVSSv3
CVE-2016-11052
An issue exists on Samsung mobile devices with L(5.0/5.1) software. je_free in libQjpeg.so in Qjpeg in Qt 5.5 allows memory corruption via a malformed JPEG file. The Samsung ID is SVE-2015-5110 (January 2016).
Google Android 5.0
Google Android 5.1
7.5
CVSSv3
CVE-2015-3641
bitcoind and Bitcoin-Qt before 0.10.2 allow malicious users to cause a denial of service (disabled functionality such as a client application crash) via an "Easy" attack.
Bitcoin Bitcoin Core
5.3
CVSSv3
CVE-2018-20586
bitcoind and Bitcoin-Qt before 0.17.1 allow injection of arbitrary data into the debug log via an RPC call.
Bitcoin Bitcoin Core 0.12.0
Bitcoin Bitcoin Core 0.12.1
Bitcoin Bitcoin Core 0.13
Bitcoin Bitcoin Core 0.13.0
Bitcoin Bitcoin Core 0.13.1
Bitcoin Bitcoin Core 0.13.2
Bitcoin Bitcoin Core 0.14.0
Bitcoin Bitcoin Core 0.14.1
Bitcoin Bitcoin Core 0.14.2
Bitcoin Bitcoin Core 0.14.3
Bitcoin Bitcoin Core 0.15.0
Bitcoin Bitcoin Core 0.15.0.1
Bitcoin Bitcoin Core 0.15.1
Bitcoin Bitcoin Core 0.15.2
Bitcoin Bitcoin Core 0.16.0
Bitcoin Bitcoin Core 0.16.1
Bitcoin Bitcoin Core 0.16.2
Bitcoin Bitcoin Core 0.16.3
Bitcoin Bitcoin Core 0.17.0
5.9
CVSSv3
CVE-2017-18350
bitcoind and Bitcoin-Qt before 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name.
Bitcoin Bitcoin Core
7.5
CVSSv3
CVE-2018-21035
In Qt up to and including 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for malicious users to cause a denial of service (memory consumption).
Qt Qt
7.5
CVSSv3
CVE-2015-9541
Qt up to and including 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564.
Qt Qt
Fedoraproject Fedora 31
Fedoraproject Fedora 32
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »