Vulnerabilities > QT

DATE CVE VULNERABILITY TITLE RISK
2023-05-10 CVE-2023-32573 Divide By Zero vulnerability in multiple products
In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.
network
low complexity
qt redhat CWE-369
6.5
2023-04-15 CVE-2023-24607 Unspecified vulnerability in QT
Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4.
network
low complexity
qt
7.5
2023-01-12 CVE-2022-40983 Unspecified vulnerability in QT 6.3.2
An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2.
network
low complexity
qt
8.8
2023-01-12 CVE-2022-43591 Unspecified vulnerability in QT 6.3.2
A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2.
network
low complexity
qt
8.8
2022-08-22 CVE-2021-3481 Out-of-bounds Read vulnerability in QT
A flaw was found in Qt.
local
low complexity
qt CWE-125
7.1
2022-03-02 CVE-2022-25634 Path Traversal vulnerability in QT
Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.
network
low complexity
qt CWE-22
7.5
2022-02-16 CVE-2022-25255 Unspecified vulnerability in QT
In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.
local
low complexity
qt
7.8
2022-01-01 CVE-2021-45930 Out-of-bounds Write vulnerability in multiple products
Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect).
local
low complexity
qt fedoraproject debian CWE-787
5.5
2021-08-12 CVE-2021-38593 Out-of-bounds Write vulnerability in multiple products
Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke).
network
low complexity
qt fedoraproject CWE-787
7.5
2021-08-09 CVE-2020-24742 Unspecified vulnerability in QT
An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files.
local
low complexity
qt
7.8