
CVSS: 7.5 • EPSS: 0% • CPEs: 3 • EXPL: 0

Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3. • https://codereview.qt-project.org/c/qt/qtbase/+/456216 https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/456217 https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/456238 https://download.qt.io/official_releases/qt/5.15/CVE-2023-24607-qtbase-5.15.diff https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html https://www.qt.io/blog/security-advisory-qt-sql-odbc-driver-plugin https: •

CVSS: 7.5 • EPSS: 0% • CPEs: 2 • EXPL: 0

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory. • https://codereview.qt-project.org/c/qt/qtbase/+/396440 https://codereview.qt-project.org/c/qt/qtbase/+/396689 https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/396690 https://download.qt.io/official_releases/qt/5.15/CVE-2022-25643-5.15.diff https://download.qt.io/official_releases/qt/6.2/CVE-2022-25643-6.2.diff • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.5 • EPSS: 0% • CPEs: 4 • EXPL: 0

Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke). • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35566 https://github.com/google/oss-fuzz-vulns/blob/main/vulns/qt/OSV-2021-903.yaml https://github.com/qt/qtbase/commit/1ca02cf2879a5e1511a2f2109f0925cf4c892862 https://github.com/qt/qtbase/commit/202143ba41f6ac574f1858214ed8bf4a38b73ccd https://github.com/qt/qtbase/commit/6b400e3147dcfd8cc3a393ace1bd118c93762e0c https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36VN2WKMNQUSTF6ZW2X52NPAJVXJ4S5I https://lists.fedoraproject.org/archives/ • CWE-787: Out-of-bounds Write •

CVSS: 5.3 • EPSS: 0% • CPEs: 5 • EXPL: 0

An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read. • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00057.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00071.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00073.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00090.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00104.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00105.html https://codereview.qt-project.org/c/qt/qtbase/+/30843 • CWE-125: Out-of-bounds Read •

CVSS: 8.6 • EPSS: 0% • CPEs: 1 • EXPL: 1

In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption). • https://bugreports.qt.io/browse/QTBUG-70693 https://codereview.qt-project.org/c/qt/qtwebsockets/+/284735 https://access.redhat.com/security/cve/CVE-2018-21035 https://bugzilla.redhat.com/show_bug.cgi?id=1810964 • CWE-400: Uncontrolled Resource Consumption • CWE-770: Allocation of Resources Without Limits or Throttling •