Search CVE reports


Toggle filters

21 – 30 of 355 results


CVE-2014-0190

Low priority

Some fixes available 3 of 7

The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.

2 affected packages

qt4-x11, qtbase-opensource-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qt4-x11
qtbase-opensource-src
Show less packages

CVE-2013-4549

Medium priority

Some fixes available 29 of 39

QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE) attack.

3 affected packages

phantomjs, qt4-x11, qtbase-opensource-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
phantomjs Not affected Not affected
qt4-x11 Fixed Fixed
qtbase-opensource-src Fixed Fixed
Show less packages

CVE-2013-0254

Medium priority

Some fixes available 4 of 5

The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read...

1 affected package

qt4-x11

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qt4-x11
Show less packages

CVE-2012-6093

Low priority

Some fixes available 4 of 5

The QSslSocket::sslErrors function in Qt before 4.6.5, 4.7.x before 4.7.6, 4.8.x before 4.8.5, when using certain versions of openSSL, uses an "incompatible structure layout" that can read memory from the wrong location, which...

1 affected package

qt4-x11

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qt4-x11
Show less packages

CVE-2012-5624

Low priority

Some fixes available 3 of 4

The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file:...

1 affected package

qt4-x11

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qt4-x11
Show less packages

CVE-2012-4929

Medium priority

Some fixes available 21 of 34

The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle...

6 affected packages

apache2, chromium-browser, nss, openssl, openssl098, qt4-x11

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apache2
chromium-browser
nss
openssl
openssl098
qt4-x11
Show less packages

CVE-2010-5076

Medium priority

Some fixes available 1 of 2

QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate...

1 affected package

qt4-x11

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qt4-x11
Show less packages

CVE-2011-3194

Low priority

Some fixes available 2 of 4

Buffer overflow in the TIFF reader in gui/image/qtiffhandler.cpp in Qt 4.7.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the TIFFTAG_SAMPLESPERPIXEL tag in a greyscale TIFF...

1 affected package

qt4-x11

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qt4-x11
Show less packages

CVE-2011-3193

Low priority

Some fixes available 2 of 4

Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute...

1 affected package

qt4-x11

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qt4-x11
Show less packages

CVE-2011-3890

Low priority

Some fixes available 2 of 28

Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to video source handling.

5 affected packages

chromium-browser, qt4-x11, qtwebkit-source, webkit, webkitgtk

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Not affected
qt4-x11 Not affected
qtwebkit-source Ignored
webkit Not in release
webkitgtk Not affected
Show less packages