Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3.
CVSS Score
7.5
EPSS Score
0.003
Published
2023-04-15
Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-03-02
In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-02-16
Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke).
CVSS Score
7.5
EPSS Score
0.008
Published
2021-08-12
Page 2