Vulnerabilities > QT
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-10 | CVE-2023-32573 | Divide By Zero vulnerability in multiple products In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled. | 6.5 |
| 2023-04-15 | CVE-2023-24607 | Unspecified vulnerability in QT Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. | 7.5 |
| 2023-01-12 | CVE-2022-40983 | Integer Overflow or Wraparound vulnerability in QT 6.3.2 An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. | 8.8 |
| 2023-01-12 | CVE-2022-43591 | Heap-based Buffer Overflow vulnerability in QT 6.3.2 A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. | 8.8 |
| 2022-03-02 | CVE-2022-25634 | Path Traversal vulnerability in QT Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory. | 5.0 |
| 2022-02-16 | CVE-2022-25255 | Unspecified vulnerability in QT In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH. | 7.2 |
| 2022-01-01 | CVE-2021-45930 | Out-of-bounds Write vulnerability in multiple products Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect). | 4.3 |
| 2021-08-12 | CVE-2021-38593 | Out-of-bounds Write vulnerability in multiple products Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke). | 7.5 |
| 2021-08-09 | CVE-2020-24741 | Unspecified vulnerability in QT 5.13.1/5.14.0 An issue has been fixed in Qt versions 5.14.1 and 5.12.7 where QLibrary attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files. network qt | 6.8 |
| 2021-08-09 | CVE-2020-24742 | Unspecified vulnerability in QT An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files. network qt | 6.8 |