Vendor CVEs
Qt
All CVEs
52 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-10904 | Cri | 0.64 | 9.8 | 0.02 | Dec 16, 2017 | Qt for Android prior to 5.9.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors. | ||
| CVE-2025-10729 | Cri | 0.61 | — | 0.00 | Oct 3, 2025 | The module will parse a node which is not a child of a structural node. The node will be deleted after creation but might be accessed later leading to a use after free. | ||
| CVE-2025-10728 | Cri | 0.61 | — | 0.00 | Oct 3, 2025 | When the module renders a Svg file that contains a element, it might end up rendering it recursively leading to stack overflow DoS | ||
| CVE-2025-6338 | Cri | 0.60 | — | 0.00 | Oct 16, 2025 | There is an incomplete cleanup vulnerability in Qt Network's Schannel support on Windows which can lead to a Denial of Service over a long period.This issue affects Qt from 5.15.0 through 6.8.3, from 6.9.0 before 6.9.2. | ||
| CVE-2025-12385 | Hig | 0.57 | — | 0.00 | Dec 3, 2025 | Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text… | ||
| CVE-2015-1290 | Hig | 0.57 | 8.8 | 0.03 | Jan 9, 2018 | The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted web site. | ||
| CVE-2025-5455 | Hig | 0.55 | — | 0.00 | Jun 2, 2025 | An issue was found in the private API function qDecodeDataUrl() in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a… | ||
| CVE-2025-14576 | Hig | 0.51 | 7.8 | 0.00 | Apr 30, 2026 | Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead… | ||
| CVE-2017-15011 | Hig | 0.49 | 7.5 | 0.01 | Oct 4, 2017 | The named pipes in qtsingleapp in Qt 5.x, as used in qBittorrent and SugarSync, are configured for remote access and allow remote attackers to cause a denial of service (application crash) via an unspecified string. | ||
| CVE-2025-4211 | Hig | 0.47 | — | 0.00 | May 16, 2025 | Improper Link Resolution Before File Access ('Link Following') vulnerability in QFileSystemEngine in the Qt corelib module on Windows which potentially allows Symlink Attacks and the use of Malicious Files. Issue originates from CVE-2024-38081. The vulnerability arises from the… | ||
| CVE-2023-45872 | Med | 0.42 | 6.5 | 0.00 | Oct 9, 2024 | An issue was discovered in Qt before 6.2.11 and 6.3.x through 6.6.x before 6.6.1. When a QML image refers to an image whose content is not known yet, there is an assumption that it is an SVG document, leading to a denial of service (application crash) if it is not actually an… | ||
| CVE-2016-10040 | Med | 0.36 | 5.5 | 0.02 | Mar 7, 2017 | Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags. | ||
| CVE-2015-8079 | Med | 0.35 | 5.3 | 0.01 | Sep 7, 2017 | qt5-qtwebkit before 5.4 records private browsing URLs to its favicon database, WebpageIcons.db. | ||
| CVE-2017-10905 | Med | 0.34 | 5.3 | 0.01 | Dec 16, 2017 | A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors. | ||
| CVE-2025-3512 | Med | 0.31 | — | 0.00 | Apr 11, 2025 | There is a Heap-based Buffer Overflow vulnerability in QTextMarkdownImporter. This requires an incorrectly formatted markdown file to be passed to QTextMarkdownImporter to trigger the overflow.This issue affects Qt from 6.8.0 to 6.8.4. Versions up to 6.6.0 are known to be… | ||
| CVE-2023-45935 | Med | 0.27 | 4.2 | 0.00 | Mar 27, 2024 | Qt 6 through 6.6 was discovered to contain a NULL pointer dereference via the function QXcbConnection::initializeAllAtoms(). NOTE: this is disputed because it is not expected that an X application should continue to run when there is arbitrary anomalous behavior from the X… | ||
| CVE-2025-5992 | Low | 0.15 | — | 0.00 | Jul 11, 2025 | When passing values outside of the expected range to QColorTransferGenericFunction it can cause a denial of service, for example, this can happen when passing a specifically crafted ICC profile to QColorSpace::fromICCProfile.This issue affects Qt from 6.6.0 through 6.8.3, from… | ||
| CVE-2025-5991 | Low | 0.14 | — | 0.00 | Jun 11, 2025 | There is a "Use After Free" vulnerability in Qt's QHttp2ProtocolHandler in the QtNetwork module. This only affects HTTP/2 handling, HTTP handling is not affected by this at all. This happens due to a race condition between how QHttp2Stream uploads the body of a POST request and… | ||
| CVE-2025-14575 | Low | 0.12 | — | 0.00 | May 19, 2026 | An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network (qtbase) in Qt Qt Framework (Unix) allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted certificate file placed in the application's working… | ||
| CVE-2009-1551 | 0.05 | — | 0.27 | May 6, 2009 | Multiple PHP remote file inclusion vulnerabilities in Qt quickteam 2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) qte_web_path parameter to qte_web.php and the (2) qte_root parameter to bin/qte_init.php. | |||
| CVE-2010-2621 | 0.04 | — | 0.11 | Jul 2, 2010 | The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed request. | |||
| CVE-2015-1860 | 0.01 | — | 0.09 | May 12, 2015 | Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image. | |||
| CVE-2015-1859 | 0.01 | — | 0.07 | May 12, 2015 | Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image. | |||
| CVE-2015-1858 | 0.01 | — | 0.07 | May 12, 2015 | Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted BMP image. | |||
| CVE-2011-3194 | 0.01 | — | 0.07 | Jun 16, 2012 | Buffer overflow in the TIFF reader in gui/image/qtiffhandler.cpp in Qt 4.7.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the TIFFTAG_SAMPLESPERPIXEL tag in a greyscale TIFF image with multiple samples per pixel. | |||
| CVE-2011-3193 | 0.01 | — | 0.08 | Jun 16, 2012 | Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file. | |||
| CVE-2025-30348 | 0.00 | — | 0.00 | Mar 21, 2025 | encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and inline replacement of parts of a string (with relocation of later data). | |||
| CVE-2021-28025 | 0.00 | — | 0.00 | Aug 11, 2023 | Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and 6.2, allows local attackers to cause a denial of service (DoS). | |||
| CVE-2023-33285 | 0.00 | — | 0.01 | May 22, 2023 | An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server. | |||
| CVE-2023-32573 | 0.00 | — | 0.01 | May 10, 2023 | In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled. | |||
| CVE-2021-3481 | 0.00 | — | 0.01 | Aug 22, 2022 | A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access.… | |||
| CVE-2021-45930 | 0.00 | — | 0.01 | Dec 31, 2021 | Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect). | |||
| CVE-2020-0569 | 0.00 | — | 0.01 | Nov 23, 2020 | Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access. | |||
| CVE-2020-0570 | 0.00 | — | 0.01 | Sep 14, 2020 | Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access. | |||
| CVE-2019-18281 | 0.00 | — | 0.02 | Oct 23, 2019 | An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters. | |||
| CVE-2018-19872 | 0.00 | — | 0.01 | Mar 15, 2019 | An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp. | |||
| CVE-2018-19871 | 0.00 | — | 0.02 | Dec 26, 2018 | An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption. | |||
| CVE-2018-19869 | 0.00 | — | 0.02 | Dec 26, 2018 | An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. | |||
| CVE-2018-15518 | 0.00 | — | 0.03 | Dec 26, 2018 | QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document. | |||
| CVE-2018-19873 | 0.00 | — | 0.03 | Dec 26, 2018 | An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data. | |||
| CVE-2018-19870 | 0.00 | — | 0.02 | Dec 26, 2018 | An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault. | |||
| CVE-2015-7298 | 0.00 | — | 0.01 | Oct 26, 2015 | ownCloud Desktop Client before 2.0.1, when compiled with a Qt release after 5.3.x, does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, which makes it easier for remote attackers to conduct man-in-the-middle (MITM) attacks by leveraging a server… | |||
| CVE-2014-0190 | 0.00 | — | 0.04 | May 8, 2014 | The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image. | |||
| CVE-2013-4549 | 0.00 | — | 0.03 | Dec 23, 2013 | QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE) attack. | |||
| CVE-2012-6093 | 0.00 | — | 0.02 | Feb 24, 2013 | The QSslSocket::sslErrors function in Qt before 4.6.5, 4.7.x before 4.7.6, 4.8.x before 4.8.5, when using certain versions of openSSL, uses an "incompatible structure layout" that can read memory from the wrong location, which causes Qt to report an incorrect error when… | |||
| CVE-2012-5624 | 0.00 | — | 0.02 | Feb 24, 2013 | The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application. | |||
| CVE-2013-0254 | 0.00 | — | 0.00 | Feb 6, 2013 | The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read sensitive information or modify critical program… | |||
| CVE-2010-5076 | 0.00 | — | 0.01 | Jun 29, 2012 | QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. | |||
| CVE-2009-4975 | 0.00 | — | 0.01 | Aug 2, 2010 | Cross-site scripting (XSS) vulnerability in webview.cpp in QtDemoBrowser allows remote attackers to inject arbitrary web script or HTML via a URL associated with a nonexistent domain name, related to a "universal XSS" issue, a similar vulnerability to CVE-2010-2536. | |||
| CVE-2009-2700 | 0.00 | — | 0.01 | Sep 2, 2009 | src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted… |
- risk 0.64cvss 9.8epss 0.02
Qt for Android prior to 5.9.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors.
- risk 0.61cvss —epss 0.00
The module will parse a node which is not a child of a structural node. The node will be deleted after creation but might be accessed later leading to a use after free.
- risk 0.61cvss —epss 0.00
When the module renders a Svg file that contains a element, it might end up rendering it recursively leading to stack overflow DoS
- risk 0.60cvss —epss 0.00
There is an incomplete cleanup vulnerability in Qt Network's Schannel support on Windows which can lead to a Denial of Service over a long period.This issue affects Qt from 5.15.0 through 6.8.3, from 6.9.0 before 6.9.2.
- risk 0.57cvss —epss 0.00
Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text…
- risk 0.57cvss 8.8epss 0.03
The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted web site.
- risk 0.55cvss —epss 0.00
An issue was found in the private API function qDecodeDataUrl() in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a…
- risk 0.51cvss 7.8epss 0.00
Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead…
- risk 0.49cvss 7.5epss 0.01
The named pipes in qtsingleapp in Qt 5.x, as used in qBittorrent and SugarSync, are configured for remote access and allow remote attackers to cause a denial of service (application crash) via an unspecified string.
- risk 0.47cvss —epss 0.00
Improper Link Resolution Before File Access ('Link Following') vulnerability in QFileSystemEngine in the Qt corelib module on Windows which potentially allows Symlink Attacks and the use of Malicious Files. Issue originates from CVE-2024-38081. The vulnerability arises from the…
- risk 0.42cvss 6.5epss 0.00
An issue was discovered in Qt before 6.2.11 and 6.3.x through 6.6.x before 6.6.1. When a QML image refers to an image whose content is not known yet, there is an assumption that it is an SVG document, leading to a denial of service (application crash) if it is not actually an…
- risk 0.36cvss 5.5epss 0.02
Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags.
- risk 0.35cvss 5.3epss 0.01
qt5-qtwebkit before 5.4 records private browsing URLs to its favicon database, WebpageIcons.db.
- risk 0.34cvss 5.3epss 0.01
A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors.
- risk 0.31cvss —epss 0.00
There is a Heap-based Buffer Overflow vulnerability in QTextMarkdownImporter. This requires an incorrectly formatted markdown file to be passed to QTextMarkdownImporter to trigger the overflow.This issue affects Qt from 6.8.0 to 6.8.4. Versions up to 6.6.0 are known to be…
- risk 0.27cvss 4.2epss 0.00
Qt 6 through 6.6 was discovered to contain a NULL pointer dereference via the function QXcbConnection::initializeAllAtoms(). NOTE: this is disputed because it is not expected that an X application should continue to run when there is arbitrary anomalous behavior from the X…
- risk 0.15cvss —epss 0.00
When passing values outside of the expected range to QColorTransferGenericFunction it can cause a denial of service, for example, this can happen when passing a specifically crafted ICC profile to QColorSpace::fromICCProfile.This issue affects Qt from 6.6.0 through 6.8.3, from…
- risk 0.14cvss —epss 0.00
There is a "Use After Free" vulnerability in Qt's QHttp2ProtocolHandler in the QtNetwork module. This only affects HTTP/2 handling, HTTP handling is not affected by this at all. This happens due to a race condition between how QHttp2Stream uploads the body of a POST request and…
- risk 0.12cvss —epss 0.00
An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network (qtbase) in Qt Qt Framework (Unix) allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted certificate file placed in the application's working…
- CVE-2009-1551May 6, 2009risk 0.05cvss —epss 0.27
Multiple PHP remote file inclusion vulnerabilities in Qt quickteam 2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) qte_web_path parameter to qte_web.php and the (2) qte_root parameter to bin/qte_init.php.
- CVE-2010-2621Jul 2, 2010risk 0.04cvss —epss 0.11
The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed request.
- CVE-2015-1860May 12, 2015risk 0.01cvss —epss 0.09
Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image.
- CVE-2015-1859May 12, 2015risk 0.01cvss —epss 0.07
Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image.
- CVE-2015-1858May 12, 2015risk 0.01cvss —epss 0.07
Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted BMP image.
- CVE-2011-3194Jun 16, 2012risk 0.01cvss —epss 0.07
Buffer overflow in the TIFF reader in gui/image/qtiffhandler.cpp in Qt 4.7.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the TIFFTAG_SAMPLESPERPIXEL tag in a greyscale TIFF image with multiple samples per pixel.
- CVE-2011-3193Jun 16, 2012risk 0.01cvss —epss 0.08
Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
- CVE-2025-30348Mar 21, 2025risk 0.00cvss —epss 0.00
encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and inline replacement of parts of a string (with relocation of later data).
- CVE-2021-28025Aug 11, 2023risk 0.00cvss —epss 0.00
Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and 6.2, allows local attackers to cause a denial of service (DoS).
- CVE-2023-33285May 22, 2023risk 0.00cvss —epss 0.01
An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server.
- CVE-2023-32573May 10, 2023risk 0.00cvss —epss 0.01
In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.
- CVE-2021-3481Aug 22, 2022risk 0.00cvss —epss 0.01
A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access.…
- CVE-2021-45930Dec 31, 2021risk 0.00cvss —epss 0.01
Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect).
- CVE-2020-0569Nov 23, 2020risk 0.00cvss —epss 0.01
Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2020-0570Sep 14, 2020risk 0.00cvss —epss 0.01
Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.
- CVE-2019-18281Oct 23, 2019risk 0.00cvss —epss 0.02
An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters.
- CVE-2018-19872Mar 15, 2019risk 0.00cvss —epss 0.01
An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.
- CVE-2018-19871Dec 26, 2018risk 0.00cvss —epss 0.02
An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.
- CVE-2018-19869Dec 26, 2018risk 0.00cvss —epss 0.02
An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp.
- CVE-2018-15518Dec 26, 2018risk 0.00cvss —epss 0.03
QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.
- CVE-2018-19873Dec 26, 2018risk 0.00cvss —epss 0.03
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
- CVE-2018-19870Dec 26, 2018risk 0.00cvss —epss 0.02
An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.
- CVE-2015-7298Oct 26, 2015risk 0.00cvss —epss 0.01
ownCloud Desktop Client before 2.0.1, when compiled with a Qt release after 5.3.x, does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, which makes it easier for remote attackers to conduct man-in-the-middle (MITM) attacks by leveraging a server…
- CVE-2014-0190May 8, 2014risk 0.00cvss —epss 0.04
The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.
- CVE-2013-4549Dec 23, 2013risk 0.00cvss —epss 0.03
QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE) attack.
- CVE-2012-6093Feb 24, 2013risk 0.00cvss —epss 0.02
The QSslSocket::sslErrors function in Qt before 4.6.5, 4.7.x before 4.7.6, 4.8.x before 4.8.5, when using certain versions of openSSL, uses an "incompatible structure layout" that can read memory from the wrong location, which causes Qt to report an incorrect error when…
- CVE-2012-5624Feb 24, 2013risk 0.00cvss —epss 0.02
The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application.
- CVE-2013-0254Feb 6, 2013risk 0.00cvss —epss 0.00
The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read sensitive information or modify critical program…
- CVE-2010-5076Jun 29, 2012risk 0.00cvss —epss 0.01
QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
- CVE-2009-4975Aug 2, 2010risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in webview.cpp in QtDemoBrowser allows remote attackers to inject arbitrary web script or HTML via a URL associated with a nonexistent domain name, related to a "universal XSS" issue, a similar vulnerability to CVE-2010-2536.
- CVE-2009-2700Sep 2, 2009risk 0.00cvss —epss 0.01
src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted…
Page 1 of 2