Page 4 of 39 results (0.016 seconds)

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data. Se ha descubierto un problema en versiones anteriores a la 5.11.3 de Qt. QBmpHandler tiene un desbordamiento de búfer mediante datos BMP. • http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00066.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00057.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00071.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00073.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00090.html https://access.redhat.com/errata/RHSA-2019:2135 https://access.redhat.com/errata/RHSA-2019:3390 https://blog.qt.io/blog/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault. Se ha descubierto un problema en versiones anteriores a la 5.11.3 de Qt. Una imagen GIF mal formada provoca una desreferencia de puntero NULL en QGifHandler, lo que resulta en un fallo de segmentación. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00080.html https://access.redhat.com/errata/RHSA-2019:2135 https://access.redhat.com/errata/RHSA-2019:3390 https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates https://codereview.qt-project.org/#/c/235998 https://lists.debian.org/debian-lts-announce/2019/01/msg00004.html https://lists.debian.org/debian-lts-announce/2019/05/msg00014.html https://lists.debian.org/debian-lts-announce& • CWE-476: NULL Pointer Dereference •

CVSS: 9.3EPSS: 1%CPEs: 3EXPL: 0

The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted web site. El motor Google V8, tal y como se utiliza en Google Chrome en versiones anteriores a la 44.0.2403.89 y QtWebEngineCore en Qt en versiones anteriores a la 5.5.1, permiten que atacantes remotos provoquen una denegación de servicio (corrupción de memoria) o ejecuten código arbitrario mediante un sitio web manipulado. • http://code.qt.io/cgit/qt/qtwebengine.git/tree/dist/changes-5.5.1 http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html http://lists.opensuse.org/opensuse-updates/2015-12/msg00116.html http://www.nsfocus.net/index.php?act=advisory&do=view&adv_id=80 https://bugs.chromium.org/p/chromium/issues/detail?id=505374 https://codereview.chromium.org/1233453004 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Qt for Android prior to 5.9.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors. Qt para Android en versiones anteriores a la 5.9.0 permite que los atacantes remotos ejecuten comandos de sistema operativo arbitrarios mediante vectores sin especificar. • https://blog.qt.io/blog/2017/11/22/security-advisory-qt-android https://jvn.jp/en/jp/JVN67389262/index.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors. Una vulnerabilidad en aplicaciones creadas mediante Qt para Android en versiones anteriores a la 5.9.3 permite que atacantes alteren variables del entorno mediante vectores sin especificar. • https://blog.qt.io/blog/2017/11/22/security-advisory-qt-android https://jvn.jp/en/jp/JVN27342829/index.html •