Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qt qt vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-38197
An issue exists in Qt prior to 5.15.15, 6.x prior to 6.2.10, and 6.3.x up to and including 6.5.x prior to 6.5.3. There are infinite loops in recursive entity expansion.
Qt Qt
7.5
CVSSv3
CVE-2023-32763
An issue exists in Qt prior to 5.15.15, 6.x prior to 6.2.9, and 6.3.x up to and including 6.5.x prior to 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.
Qt Qt
7.5
CVSSv3
CVE-2023-24607
Qt prior to 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x prior to 5.15.13, 6.x prior to 6.2.8, and 6.3.x prior to 6.4.3.
Qt Qt
7.5
CVSSv3
CVE-2022-25634
Qt up to and including 5.15.8 and 6.x up to and including 6.2.3 can load system library files from an unintended working directory.
Qt Qt
7.5
CVSSv3
CVE-2021-38593
Qt 5.x prior to 5.15.6 and 6.x up to and including 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke).
Qt Qt
Fedoraproject Fedora 35
Fedoraproject Fedora 36
7.5
CVSSv3
CVE-2020-13962
Qt 5.12.2 up to and including 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session may be discon...
Mumble Mumble 1.3.0
Qt Qt
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.2
7.5
CVSSv3
CVE-2015-3641
bitcoind and Bitcoin-Qt before 0.10.2 allow malicious users to cause a denial of service (disabled functionality such as a client application crash) via an "Easy" attack.
Bitcoin Bitcoin Core
7.5
CVSSv3
CVE-2018-21035
In Qt up to and including 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for malicious users to cause a denial of service (memory consumption).
Qt Qt
7.5
CVSSv3
CVE-2015-9541
Qt up to and including 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564.
Qt Qt
Fedoraproject Fedora 31
Fedoraproject Fedora 32
7.5
CVSSv3
CVE-2019-15947
In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's wallet.dat file, including their private keys, via a grep "6231 0500&q...
Bitcoin Bitcoin Core 0.18.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »