Vulnerabilities > QT > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-23 | CVE-2020-0569 | Out-of-bounds Write vulnerability in multiple products Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access. | 5.7 |
| 2020-09-14 | CVE-2020-0570 | Untrusted Search Path vulnerability in multiple products Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access. | 4.4 |
| 2020-08-12 | CVE-2020-17507 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. | 5.3 |
| 2020-02-28 | CVE-2018-21035 | Allocation of Resources Without Limits or Throttling vulnerability in QT In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. | 5.0 |
| 2019-10-23 | CVE-2019-18281 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters. | 4.3 |
| 2019-03-21 | CVE-2018-19872 | Divide By Zero vulnerability in multiple products An issue was discovered in Qt 5.11. | 5.5 |
| 2018-12-26 | CVE-2018-19871 | Resource Exhaustion vulnerability in multiple products An issue was discovered in Qt before 5.11.3. | 4.3 |
| 2018-12-26 | CVE-2018-19870 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Qt before 5.11.3. | 6.8 |
| 2018-12-26 | CVE-2018-19869 | Improper Input Validation vulnerability in multiple products An issue was discovered in Qt before 5.11.3. | 4.3 |
| 2018-12-26 | CVE-2018-15518 | Double Free vulnerability in multiple products QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document. | 6.8 |