[SECURITY] [DSA 6215-1] gimp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6215-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 17, 2026 https://www.debian.org/security/faq -...

TencentOS Server 3: gdk-pixbuf2 (TSSA-2024:0229)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0229 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

EUVD-2025-16289

Malicious code in bioql PyPI...

SUSE CVE-2025-48796

A flaw was found in GIMP. The GIMP aniloadimage function is vulnerable to a stack-based overflow. If a user opens.ANI files, GIMP may be used to store more information than the capacity allows. This flaw allows a malicious ANI file to trigger arbitrary code execution...

CVE-2025-48796

A flaw was found in GIMP. The GIMP aniloadimage function is vulnerable to a stack-based overflow. If a user opens.ANI files, GIMP may be used to store more information than the capacity allows. This flaw allows a malicious ANI file to trigger arbitrary code execution...

CVE-2025-48796 Gimp: stack-based buffer overflows in file-ico

A flaw was found in GIMP. The GIMP aniloadimage function is vulnerable to a stack-based overflow. If a user opens.ANI files, GIMP may be used to store more information than the capacity allows. This flaw allows a malicious ANI file to trigger arbitrary code execution...

CVE-2025-48796

GIMP (ani_load_image) suffers a stack-based overflow when processing .ANI files, allowing arbitrary code execution. The vulnerability affects GIMP’s ani_load_image function and is described with a local attack vector, requiring user interaction and achieving high impact on confidentiality, integr...

CVE-2025-48796 Gimp: stack-based buffer overflows in file-ico

A flaw was found in GIMP. The GIMP aniloadimage function is vulnerable to a stack-based overflow. If a user opens.ANI files, GIMP may be used to store more information than the capacity allows. This flaw allows a malicious ANI file to trigger arbitrary code execution...

PT-2025-22999 · Gimp +1 · Gimp +1

Name of the Vulnerable Software and Affected Versions: GIMP affected versions not specified Description: A flaw was found in GIMP. The ani load image function is vulnerable to a stack-based overflow. Opening .ANI files may allow GIMP to store more information than its capacity allows. This flaw...

EulerOS 2.0 SP9 : gdk-pixbuf2 (EulerOS-SA-2024-2828)

According to the versions of the gdk-pixbuf2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In GNOME GdkPixbuf aka gdk-pixbuf through 2.42.10, the ANI Windows animated cursor decoder encounters heap memory corruption in aniloadchunk ...

OESA-2024-2145 gdk-pixbuf2 security update

gdk is written in C but has been designed from the ground up to support a wide range of languages. It provide a complete set of widgets,and suitable for projects ranging from small one-off tools to complete application suites. Security Fixes: In GNOME GdkPixbuf aka gdk-pixbuf through 2.42.10, the...

Ubuntu: Security Advisory (USN-6806-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6806-1: GDK-PixBuf vulnerability

Pedro Ribeiro and Vitor Pedreira discovered that the GDK-PixBuf library did not properly handle certain ANI files. An attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or to possibly execute arbitrary code...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : GDK-PixBuf vulnerability (USN-6806-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6806-1 advisory. Pedro Ribeiro and Vitor Pedreira discovered that the GDK-PixBuf library did not properly handle certain AN...

AZL-34726 CVE-2022-48622 affecting package gdk-pixbuf2 for versions less than 2.42.10-2

In GNOME GdkPixbuf aka gdk-pixbuf through 2.42.10, the ANI Windows animated cursor decoder encounters heap memory corruption in aniloadchunk in io-ani.c when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or...

PT-2024-5877 · Unknown +9 · Gdk-Pixbuf +9

Name of the Vulnerable Software and Affected Versions: GdkPixbuf versions through 2.42.10 Description: The issue is related to heap memory corruption in the ANI decoder when parsing chunks in a crafted .ani file. This corruption can occur in the ani load chunk function and may allow an attacker t...

Microsoft Windows XP/Vista - '.ani tagBITMAPINFOHEADER' Denial of Service

source: https://www.securityfocus.com/bid/38579/info Microsoft Windows is prone to a remote denial-of-service vulnerability when processing '.ani' files. Successful exploits will cause the vulnerable applications that use the affected APIs to crash or become unresponsive, denying service to...

Microsoft Windows XPVista - .ani tagBITMAPINFOHEADER Denial of Service

Microsoft Windows XPVista - .ani tagBITMAPINFOHEADER Denial of Service source: https://www.securityfocus.com/bid/38579/info Microsoft Windows is prone to a remote denial-of-service vulnerability when processing '.ani' files. Successful exploits will cause the vulnerable applications that use the...

MS Internet Explorer .ANI files handling Downloader Exploit (MS05-002)

No description provided by source. / Modified by Vertygo aka Ivanm [email protected] all credits goes to houseofdabus Berend-Jan Wever and to milw0rm/ / Added string.h /str0ke / / HOD-ms05002-ani-expl.c: 2005-01-10: PUBLIC v.0.2 Copyright c 2004-2005 houseofdabus. MS05-002 Microsoft Internet Explore...

devcode2.txt

/ version 0.5 Copyright c 2007 devcode ^^ D E V C O D E ^^ Windows .ANI LoadAniIcon Stack Overflow For Hardware DEP XP SP2 CVE-2007-1765 Description: A vulnerability has been identified in Microsoft Windows, which could be exploited by remote attackers to take complete control of an affected...