[SECURITY] [DSA 6215-1] gimp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6215-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 17, 2026 https://www.debian.org/security/faq -...

TencentOS Server 3: gdk-pixbuf2 (TSSA-2024:0229)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0229 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

EUVD-2025-16289

Malicious code in bioql PyPI...

SUSE CVE-2025-48796

A flaw was found in GIMP. The GIMP aniloadimage function is vulnerable to a stack-based overflow. If a user opens.ANI files, GIMP may be used to store more information than the capacity allows. This flaw allows a malicious ANI file to trigger arbitrary code execution...

CVE-2025-48796

A flaw was found in GIMP. The GIMP aniloadimage function is vulnerable to a stack-based overflow. If a user opens.ANI files, GIMP may be used to store more information than the capacity allows. This flaw allows a malicious ANI file to trigger arbitrary code execution...

CVE-2025-48796 Gimp: stack-based buffer overflows in file-ico

A flaw was found in GIMP. The GIMP aniloadimage function is vulnerable to a stack-based overflow. If a user opens.ANI files, GIMP may be used to store more information than the capacity allows. This flaw allows a malicious ANI file to trigger arbitrary code execution...

CVE-2025-48796 Gimp: stack-based buffer overflows in file-ico

A flaw was found in GIMP. The GIMP aniloadimage function is vulnerable to a stack-based overflow. If a user opens.ANI files, GIMP may be used to store more information than the capacity allows. This flaw allows a malicious ANI file to trigger arbitrary code execution...

CVE-2025-48796

GIMP (ani_load_image) suffers a stack-based overflow when processing .ANI files, allowing arbitrary code execution. The vulnerability affects GIMP’s ani_load_image function and is described with a local attack vector, requiring user interaction and achieving high impact on confidentiality, integr...

PT-2025-22999 · Gimp +1 · Gimp +1

Name of the Vulnerable Software and Affected Versions: GIMP affected versions not specified Description: A flaw was found in GIMP. The ani load image function is vulnerable to a stack-based overflow. Opening .ANI files may allow GIMP to store more information than its capacity allows. This flaw...

EulerOS 2.0 SP9 : gdk-pixbuf2 (EulerOS-SA-2024-2828)

According to the versions of the gdk-pixbuf2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In GNOME GdkPixbuf aka gdk-pixbuf through 2.42.10, the ANI Windows animated cursor decoder encounters heap memory corruption in aniloadchunk ...

OESA-2024-2145 gdk-pixbuf2 security update

gdk is written in C but has been designed from the ground up to support a wide range of languages. It provide a complete set of widgets,and suitable for projects ranging from small one-off tools to complete application suites. Security Fixes: In GNOME GdkPixbuf aka gdk-pixbuf through 2.42.10, the...

Ubuntu: Security Advisory (USN-6806-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6806-1: GDK-PixBuf vulnerability

Pedro Ribeiro and Vitor Pedreira discovered that the GDK-PixBuf library did not properly handle certain ANI files. An attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or to possibly execute arbitrary code...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : GDK-PixBuf vulnerability (USN-6806-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6806-1 advisory. Pedro Ribeiro and Vitor Pedreira discovered that the GDK-PixBuf library did not properly handle certain AN...

AZL-34726 CVE-2022-48622 affecting package gdk-pixbuf2 for versions less than 2.42.10-2

In GNOME GdkPixbuf aka gdk-pixbuf through 2.42.10, the ANI Windows animated cursor decoder encounters heap memory corruption in aniloadchunk in io-ani.c when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or...

PT-2024-5877 · Unknown +9 · Gdk-Pixbuf +9

Name of the Vulnerable Software and Affected Versions: GdkPixbuf versions through 2.42.10 Description: The issue is related to heap memory corruption in the ANI decoder when parsing chunks in a crafted .ani file. This corruption can occur in the ani load chunk function and may allow an attacker t...

Microsoft Windows XPVista - .ani tagBITMAPINFOHEADER Denial of Service

Microsoft Windows XPVista - .ani tagBITMAPINFOHEADER Denial of Service source: https://www.securityfocus.com/bid/38579/info Microsoft Windows is prone to a remote denial-of-service vulnerability when processing '.ani' files. Successful exploits will cause the vulnerable applications that use the...

Microsoft Windows XP/Vista - '.ani tagBITMAPINFOHEADER' Denial of Service

source: https://www.securityfocus.com/bid/38579/info Microsoft Windows is prone to a remote denial-of-service vulnerability when processing '.ani' files. Successful exploits will cause the vulnerable applications that use the affected APIs to crash or become unresponsive, denying service to...

MS Internet Explorer .ANI files handling Downloader Exploit (MS05-002)

No description provided by source. / Modified by Vertygo aka Ivanm [email protected] all credits goes to houseofdabus Berend-Jan Wever and to milw0rm/ / Added string.h /str0ke / / HOD-ms05002-ani-expl.c: 2005-01-10: PUBLIC v.0.2 Copyright c 2004-2005 houseofdabus. MS05-002 Microsoft Internet Explore...

devcode2.txt

/ version 0.5 Copyright c 2007 devcode ^^ D E V C O D E ^^ Windows .ANI LoadAniIcon Stack Overflow For Hardware DEP XP SP2 CVE-2007-1765 Description: A vulnerability has been identified in Microsoft Windows, which could be exploited by remote attackers to take complete control of an affected...