Shodan
Vulnerabilities
Vulnerable Software
Qt:  >> Qt  >> 5.1.1  Security Vulnerabilities
CVE-2021-38593
Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke).
CVSS Score
7.5
EPSS Score
0.008
Published
2021-08-12
CVE-2020-0569
Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.
CVSS Score
5.7
EPSS Score
0.004
Published
2020-11-23
CVE-2020-0570
Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.
CVSS Score
7.3
EPSS Score
0.002
Published
2020-09-14
CVE-2020-17507
An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read.
CVSS Score
5.3
EPSS Score
0.026
Published
2020-08-12
CVE-2018-21035
In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption).
CVSS Score
8.6
EPSS Score
0.004
Published
2020-02-28
CVE-2018-19869
An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp.
CVSS Score
6.5
EPSS Score
0.009
Published
2018-12-26
CVE-2018-19870
An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.
CVSS Score
8.8
EPSS Score
0.026
Published
2018-12-26
CVE-2018-19871
An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.
CVSS Score
6.5
EPSS Score
0.015
Published
2018-12-26
CVE-2018-19873
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
CVSS Score
9.8
EPSS Score
0.134
Published
2018-12-26
CVE-2015-1290
The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted web site.
CVSS Score
8.8
EPSS Score
0.011
Published
2018-01-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved