Page 4 of 52 results (0.015 seconds)

CVSS: 7.3EPSS: 0%CPEs: 30EXPL: 0

Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access. Una escritura fuera de límites en los productos Intel® PROSet/Wireless WiFi en Windows 10 puede habilitar a un usuario autenticado para permitir potencialmente una denegación de servicio por medio de un acceso local • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00338.html https://access.redhat.com/security/cve/CVE-2020-0569 https://bugzilla.redhat.com/show_bug.cgi?id=1800600 • CWE-73: External Control of File Name or Path CWE-787: Out-of-bounds Write •

CVSS: 7.3EPSS: 0%CPEs: 5EXPL: 1

Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access. Una ruta de búsqueda no controlada en QT Library versiones anteriores a 5.14.0, 5.12.7 y 5.9.10, puede permitir a un usuario autenticado habilitar potencialmente una elevación de privilegios por medio un acceso local • https://bugreports.qt.io/browse/QTBUG-81272 https://bugzilla.redhat.com/show_bug.cgi?id=1800604 https://lists.qt-project.org/pipermail/development/2020-January/038534.html https://access.redhat.com/security/cve/CVE-2020-0570 • CWE-73: External Control of File Name or Path CWE-426: Untrusted Search Path •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564. Qt versiones hasta 5.14, permite un ataque de expansión de entidad XML exponencial por medio de un documento SVG diseñado que es manejado inapropiadamente en la función QXmlStreamReader, un problema relacionado con el CVE-2003-1564. An XML Entity Expansion flaw was found in the QT library. Applications that use QT to load untrusted images, for example, SVG images, or untrusted XML documents, may be vulnerable to this flaw. This flaw allows an attacker to cause a denial of service. • https://bugreports.qt.io/browse/QTBUG-47417 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PT6327C64Q4RBFRWUSBKCG7SVGBWU5W https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZMMF4OEJAZRVKVXNO7IZWLEZVQGJN6G https://access.redhat.com/security/cve/CVE-2015-9541 https://bugzilla.redhat.com/show_bug.cgi?id=1801369 • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •

CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0

QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document. QXmlStream en Qt 5.x en versiones anteriores a la 5.11.3 tiene una doble liberación (double free) o una corrupción durante el análisis de un documento XML ilegal especialmente manipulado. • http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00066.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00057.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00071.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00073.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00090.html https://access.redhat.com/errata/RHSA-2019:2135 https://access.redhat.com/errata/RHSA-2019:3390 https://blog.qt.io/blog/ • CWE-415: Double Free CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption. Se ha descubierto un problema en versiones anteriores a la 5.11.3 de Qt. Hay un consumo de recursos no controlado en QTgaFile. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00002.html https://access.redhat.com/errata/RHSA-2019:2135 https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates https://codereview.qt-project.org/#/c/237761 https://lists.debian.org/debian-lts-announce/2019/05/msg00014.html https://lists.debian.org/debian-lts-announce/2020/09/msg00023.html https://access.redhat.com/security/cve/CVE-2018-19871 https://bugzilla.redhat.com/show_bug&# • CWE-400: Uncontrolled Resource Consumption •