AES (and other symmetric ciphers) are vulnerable to Grover's algorithm (https://en.wikipedia.org/wiki/Grover%27s_algorithm), which effectively cuts key sizes in half. AES-128 would be reduced to 64-bit security. This isn't a big problem in practice, since we can just switch to 256-bit ciphers like AES-256 and ChaCha20.
Public-key schemes based on factoring and discrete logarithms are undone by Shor's algorithm (https://en.wikipedia.org/wiki/Shor%27s_algorithm), but there are asymmetric systems not known to be vulnerable to quantum algorithms. They are less mature, but researchers are working it.