Vulnerabilities > QT > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-07-04 CVE-2024-39936 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in QT
An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3.
network
high complexity
qt CWE-367
5.9
5.9
2023-09-18 CVE-2023-43114 Unspecified vulnerability in QT
An issue was discovered in Qt before 5.15.16, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3 on Windows.
local
low complexity
qt
5.5
5.5
2023-08-11 CVE-2021-28025 Integer Overflow or Wraparound vulnerability in QT
Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and 6.2, allows local attackers to cause a denial of service (DoS).
local
low complexity
qt CWE-190
5.5
5.5
2023-06-05 CVE-2023-34410 Improper Certificate Validation vulnerability in QT
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2.
network
low complexity
qt CWE-295
5.3
5.3
2023-05-28 CVE-2023-32762 Unspecified vulnerability in QT
An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1.
network
low complexity
qt
5.3
5.3
2023-05-22 CVE-2023-33285 Out-of-bounds Read vulnerability in QT
An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1.
network
low complexity
qt CWE-125
5.3
5.3
2023-05-10 CVE-2023-32573 Divide By Zero vulnerability in multiple products
In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.
network
low complexity
qt redhat CWE-369
6.5
6.5
2022-03-02 CVE-2022-25634 Path Traversal vulnerability in QT
Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.
network
low complexity
qt CWE-22
5.0
5.0
2022-01-01 CVE-2021-45930 Out-of-bounds Write vulnerability in multiple products
Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect).
local
low complexity
qt fedoraproject debian CWE-787
5.5
5.5
2021-08-09 CVE-2020-24742 Unspecified vulnerability in QT
An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files.
network
qt
6.8
6.8