NotCVE - vendor:"Qt" product:"Qt" version:" >= 6.3.0

Page 2 of 14 results (0.003 seconds)

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2023-32573 – qt: Uninitialized variable usage in m_unitsPerEm

https://notcve.org/view.php?id=CVE-2023-32573

10 May 2023 — In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled. A vulnerability was found in qt. The security flaw occurs due to uninitialized variable usage in m_unitsPerEm. Multiple vulnerabilities have been discovered in qtsvg, the worst of which could lead to a denial of service. Versions greater than or equal to 5.15.9-r1 are affected. • https://codereview.qt-project.org/c/qt/qtsvg/+/474093 • CWE-369: Divide By Zero •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-24607

https://notcve.org/view.php?id=CVE-2023-24607

15 Apr 2023 — Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3. • https://codereview.qt-project.org/c/qt/qtbase/+/456216 •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1

CVE-2022-40983

https://notcve.org/view.php?id=CVE-2022-40983

12 Jan 2023 — An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this vulnerability. Existe una vulnerabilidad de desbordamiento de enteros en la API QML QtScript Reflect de Qt Project Qt 6.3.2. Un código JavaScript especialmente manipulado puede provocar un desbordamie... • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1617 • CWE-190: Integer Overflow or Wraparound •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1

CVE-2022-43591

https://notcve.org/view.php?id=CVE-2022-43591

12 Jan 2023 — A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an out-of-bounds memory access, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this vulnerability. Existe una vulnerabilidad de desbordamiento de búfer en la API QML QtScript Reflect de Qt Project Qt 6.3.2. Un código JavaScript especialmente manipulado puede desencadenar un acceso a la memoria fuera... • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1650 • CWE-122: Heap-based Buffer Overflow •

1 2