Search for packages
| purl | pkg:deb/ubuntu/qtbase-opensource-src@5.12.4%2Bdfsg-4ubuntu1.1 |
| Next non-vulnerable version | 5.12.8+dfsg-0ubuntu1 |
| Latest non-vulnerable version | 5.12.8+dfsg-0ubuntu1 |
| Risk | 3.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1qkn-nzf8-aaaf
Aliases: CVE-2015-9541 |
Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564. |
Affected by 1 other vulnerability. |
|
VCID-9m91-css2-aaad
Aliases: CVE-2020-24742 |
An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-74ct-7v5h-aaae | An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters. |
CVE-2019-18281
|
| VCID-rpsv-xny3-aaap | Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access. |
CVE-2020-0569
|
| VCID-txpf-1k3n-aaaf | Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access. |
CVE-2020-0570
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|