Vulnerabilities > QT
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-02 | CVE-2022-25634 | Path Traversal vulnerability in QT Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory. | 5.0 |
| 2022-02-16 | CVE-2022-25255 | Unspecified vulnerability in QT In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH. | 7.2 |
| 2022-01-01 | CVE-2021-45930 | Out-of-bounds Write vulnerability in multiple products Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect). | 4.3 |
| 2021-08-12 | CVE-2021-38593 | Out-of-bounds Write vulnerability in QT Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke). | 5.0 |
| 2021-08-09 | CVE-2020-24741 | Unspecified vulnerability in QT 5.13.1/5.14.0 An issue has been fixed in Qt versions 5.14.1 and 5.12.7 where QLibrary attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files. network qt | 6.8 |
| 2021-08-09 | CVE-2020-24742 | Unspecified vulnerability in QT An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files. network qt | 6.8 |
| 2020-09-14 | CVE-2020-0570 | Untrusted Search Path vulnerability in multiple products Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access. | 4.4 |
| 2020-08-12 | CVE-2020-17507 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. | 5.0 |
| 2020-06-09 | CVE-2020-13962 | Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. | 5.0 |
| 2020-04-27 | CVE-2020-12267 | Use After Free vulnerability in QT 5.14.1 setMarkdown in Qt before 5.14.2 has a use-after-free related to QTextMarkdownImporter::insertBlock. | 7.5 |