Vulnerabilities > QT
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-26 | CVE-2018-19871 | Resource Exhaustion vulnerability in multiple products An issue was discovered in Qt before 5.11.3. | 4.3 |
| 2018-12-26 | CVE-2018-19870 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Qt before 5.11.3. | 6.8 |
| 2018-12-26 | CVE-2018-19869 | Improper Input Validation vulnerability in multiple products An issue was discovered in Qt before 5.11.3. | 4.3 |
| 2018-12-26 | CVE-2018-15518 | Double Free vulnerability in multiple products QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document. | 6.8 |
| 2018-12-05 | CVE-2018-19865 | Information Exposure Through Log Files vulnerability in multiple products A keystroke logging issue was discovered in Virtual Keyboard in Qt 5.7.x, 5.8.x, 5.9.x, 5.10.x, and 5.11.x before 5.11.3. | 5.0 |
| 2018-01-09 | CVE-2015-1290 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted web site. | 8.8 |
| 2017-12-16 | CVE-2017-10905 | Unspecified vulnerability in QT 5.9.0 A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors. network qt | 6.8 |
| 2017-12-16 | CVE-2017-10904 | OS Command Injection vulnerability in QT Qt for Android prior to 5.9.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors. | 7.5 |
| 2017-10-04 | CVE-2017-15011 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in QT The named pipes in qtsingleapp in Qt 5.x, as used in qBittorrent and SugarSync, are configured for remote access and allow remote attackers to cause a denial of service (application crash) via an unspecified string. | 5.0 |
| 2017-09-07 | CVE-2015-8079 | Information Exposure vulnerability in QT Qtwebkit qt5-qtwebkit before 5.4 records private browsing URLs to its favicon database, WebpageIcons.db. | 5.0 |