CVSS: 4.3 • EPSS: 1% • CPEs: 3 • EXPL: 0

08 Jan 2008 — QSslSocket in Trolltech Qt 4.3.0 through 4.3.2 does not properly verify SSL certificates, which might make it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service, or trick a service into accepting an invalid client certificate for a user. • http://secunia.com/advisories/28228 • CWE-264: Permissions, Privileges, and Access Controls

CVSS: 7.5 • EPSS: 3% • CPEs: 65 • EXPL: 0

18 Sep 2007 — Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable. • ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-193: Off-by-one Error

CVSS: 8.8 • EPSS: 7% • CPEs: 1 • EXPL: 0

03 Aug 2007 — Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, and (7) qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote attackers to execute arbitrary code via format string specifiers in text used to compose an error message. • ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc

CVSS: 7.8 • EPSS: 0% • CPEs: 12 • EXPL: 0

04 Mar 2005 — Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs. • http://bugs.gentoo.org/show_bug.cgi?id=75181

CVSS: 8.8 • EPSS: 27% • CPEs: 1 • EXPL: 1

25 Aug 2004 — Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code. • https://www.exploit-db.com/exploits/408

CVSS: 6.5 • EPSS: 1% • CPEs: 1 • EXPL: 0

25 Aug 2004 — The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693. • http://marc.info/?l=bugtraq&m=110979666528890&w=2

CVSS: 6.5 • EPSS: 1% • CPEs: 1 • EXPL: 0

25 Aug 2004 — The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0692. • http://security.gentoo.org/glsa/glsa-200408-20.xml

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

31 Dec 2002 — Trolltech Qt Assistant 1.0 in Trolltech Qt 3.0.3, when loaded from the Designer, opens port 7358 for interprocess communication, which allows remote attackers to open arbitrary HTML pages and cause a denial of service. • http://lists.trolltech.com/qt-interest/2002-09/thread00549-0.html

CVSS: 10.0 • EPSS: 1% • CPEs: 10 • EXPL: 1

13 Aug 2001 — Buffer overflow in TrollFTPD 1.26 and earlier allows local users to execute arbitrary code by creating a series of deeply nested directories with long names, then running the ls -R (recursive) command. • ftp://ftp.trolltech.com/freebies/ftpd/troll-ftpd-1.27.tar.gz