
Search CVE reports



21 – 30 of 37 results


CVE-2020-0570

Medium priority
Fixed

Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.

1 affected package

qtbase-opensource-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qtbase-opensource-src Not affected Not affected

CVE-2020-0569

Medium priority
Fixed

Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.

1 affected package

qtbase-opensource-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qtbase-opensource-src Fixed Fixed

CVE-2015-9541

Low priority
Vulnerable

Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564.

5 affected packages

phantomjs, pyside, pyside2, qt4-x11, qtbase-opensource-src

Package                24.04 LTS       22.04 LTS       20.04 LTS       18.04 LTS       16.04 LTS
phantomjs              Not in release  Not in release  Vulnerable      Vulnerable      Vulnerable
pyside                 Not in release  Not in release  Not in release  Vulnerable      Vulnerable
pyside2                Vulnerable      Vulnerable      Vulnerable      Not in release  Needs evaluation
qt4-x11                Not in release  Not in release  Not in release  Vulnerable      Vulnerable
qtbase-opensource-src  Not affected    Not affected    Not affected    Vulnerable      Vulnerable

CVE-2019-18281

Medium priority

Some fixes available 1 of 2

An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file...

1 affected package

qtbase-opensource-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qtbase-opensource-src Not affected Not affected

CVE-2018-19872

Low priority

Some fixes available 2 of 3

An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.

1 affected package

qtbase-opensource-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qtbase-opensource-src Fixed Fixed

CVE-2018-19873

Medium priority
Fixed

An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.

1 affected package

qtbase-opensource-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qtbase-opensource-src Fixed Fixed

CVE-2018-19870

Medium priority
Fixed

An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.

1 affected package

qtbase-opensource-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qtbase-opensource-src Fixed Fixed

CVE-2018-15518

Medium priority
Fixed

QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.

1 affected package

qtbase-opensource-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qtbase-opensource-src Fixed Fixed

CVE-2017-10905

Medium priority
Ignored

A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors.

2 affected packages

qt4-x11, qtbase-opensource-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qt4-x11 Ignored
qtbase-opensource-src Ignored

CVE-2017-10904

Medium priority
Ignored

Qt for Android prior to 5.9.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors.

2 affected packages

qt4-x11, qtbase-opensource-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qt4-x11 Ignored
qtbase-opensource-src Ignored