Search CVE reports
11 – 20 of 356 results
Some fixes available 1 of 8
An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp.
2 affected packages
qt4-x11, qtsvg-opensource-src
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qt4-x11 | Not in release | Not in release | Not in release | Needs evaluation |
| qtsvg-opensource-src | Not affected | Not affected | Not affected | Fixed |
A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors.
2 affected packages
qt4-x11, qtbase-opensource-src
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qt4-x11 | — | — | — | — |
| qtbase-opensource-src | — | — | — | — |
Qt for Android prior to 5.9.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors.
2 affected packages
qt4-x11, qtbase-opensource-src
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qt4-x11 | — | — | — | — |
| qtbase-opensource-src | — | — | — | — |
Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags.
2 affected packages
qt4-x11, qtbase-opensource-src
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qt4-x11 | Not in release | Not in release | Not in release | Not affected |
| qtbase-opensource-src | Not affected | Not affected | Not affected | Not affected |
Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564.
5 affected packages
phantomjs, pyside, pyside2, qt4-x11, qtbase-opensource-src
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| phantomjs | Not in release | Not in release | Vulnerable | Vulnerable |
| pyside | Not in release | Not in release | Not in release | Vulnerable |
| pyside2 | Vulnerable | Vulnerable | Vulnerable | Not in release |
| qt4-x11 | Not in release | Not in release | Not in release | Vulnerable |
| qtbase-opensource-src | Not affected | Not affected | Not affected | Vulnerable |
qt5-qtwebkit before 5.4 records private browsing URLs to its favicon database, WebpageIcons.db.
5 affected packages
qt4-x11, qtwebkit-opensource-src, qtwebkit-source, webkit, webkitgtk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qt4-x11 | — | — | — | — |
| qtwebkit-opensource-src | — | — | — | — |
| qtwebkit-source | — | — | — | — |
| webkit | — | — | — | — |
| webkitgtk | — | — | — | — |
Some fixes available 7 of 8
Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a...
2 affected packages
qt4-x11, qtbase-opensource-src
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qt4-x11 | — | — | — | — |
| qtbase-opensource-src | — | — | — | — |
Some fixes available 7 of 8
Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly...
2 affected packages
qt4-x11, qtbase-opensource-src
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qt4-x11 | — | — | — | — |
| qtbase-opensource-src | — | — | — | — |
Some fixes available 14 of 19
Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary...
2 affected packages
qt4-x11, qtbase-opensource-src
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qt4-x11 | — | — | — | Fixed |
| qtbase-opensource-src | — | — | — | Not affected |
Some fixes available 6 of 7
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.
2 affected packages
qt4-x11, qtbase-opensource-src
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qt4-x11 | — | — | — | — |
| qtbase-opensource-src | — | — | — | — |