Lucene search
K

7760 matches found

RedHat Linux
RedHat Linux
added 2 days ago6 views

gimp: GIMP: Arbitrary code execution via heap-based buffer overflow in HDR file parsing

A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of HDR High Dynamic Range files due to insufficient validation of user-supplied data length. A remote attacker could exploit this by convincing a user to open a specially crafted malicious file,...

7.8CVSS7.3AI score0.00552EPSS
Exploits0References6
OSV
OSV
added 2026/07/03 8:5 a.m.3 views

SUSE-SU-2026:2739-1 Security update for fontforge

This update for fontforge fixes the following issues - CVE-2025-15269: Remote Code Execution via Use-After-Free in SFD file parsing bsc1256032. - CVE-2025-15275: Arbitrary code execution via SFD file parsing buffer overflow bsc1256025. - CVE-2025-15279: Remote Code Execution via heap-based buffer...

8.8CVSS6.7AI score0.0058EPSS
Exploits0References7
OSV
OSV
added 2026/07/02 4:16 p.m.5 views

DEBIAN-CVE-2026-44941

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...

8.8CVSS5.9AI score0.00533EPSS
Exploits1References1
EUVD
EUVD
added 2026/07/01 5:51 p.m.4 views

EUVD-2022-49109

Open Babel has out-of-bounds write in Gaussian translationVectors...

9.8CVSS6.7AI score0.00816EPSS
Exploits1References5
NVD
NVD
added 2026/06/30 1:19 p.m.9 views

CVE-2026-58014

A flaw was found in GLib. An off-by-one error can occur in the gkeyfilegetlocalestringlist function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or a denial of service when the out-of-bounds access crosses a page boundar...

8.6CVSS0.00293EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/25 5:47 p.m.7 views

EUVD-2026-39509

Horner Automation Cscape versions prior to 10.2 SP3 are vulnerable to an Out-of-Bounds Read vulnerability through parsing CSP files. Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code...

8.4CVSS6AI score0.00134EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.14 views

PT-2026-52534

Name of the Vulnerable Software and Affected Versions Horner Automation Cscape versions prior to 10.2 SP3 Description An Out-of-Bounds Read occurs during the parsing of CSP files. This issue allows an attacker to disclose sensitive information and execute arbitrary code. Recommendations Update...

8.4CVSS5.9AI score0.00134EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 10:16 p.m.6 views

CVE-2026-2050

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS0.00552EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/06/24 9:43 p.m.4 views

CVE-2026-2050 GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.6AI score0.00552EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/21 7:15 p.m.11 views

EUVD-2026-38191

A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/16 4:50 p.m.21 views

CVE-2026-4367 Libxpm: libxpm: denial of service via out-of-bounds read in xpm file parsing

A flaw was found in libXpm. A local user with low privileges could exploit an Out-of-Bounds Read vulnerability in the xpmNextWord function by processing a specially crafted or very small XPM X PixMap image file. This improper validation of file boundaries can cause an internal pointer to read...

5.5CVSS0.00129EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.8 views

RHEL 7 : gimp (RHSA-2026:26168)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26168 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox,...

7.8CVSS6.2AI score0.00755EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2026/06/15 1:49 a.m.11 views

gimp: GIMP: Remote Code Execution via PSP file parsing

A flaw was found in GIMP. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted PSP PaintShop Pro file. This flaw is caused by a heap-based buffer overflow, where the application does not properly validate the length of user-supplied data. Successful...

7.8CVSS8AI score0.00651EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/12 2:35 p.m.9 views

CVE-2026-2049

A flaw was found in GIMP. This heap-based buffer overflow vulnerability, located in the HDR file parsing component, allows a remote attacker to execute arbitrary code. User interaction is required for exploitation, as the target must open a malicious HDR file. The flaw occurs due to a lack of...

7.8CVSS7.9AI score0.00615EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.11 views

EulerOS 2.0 SP13 : vim (EulerOS-SA-2026-2361)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on...

8.2CVSS7.9AI score0.01162EPSS
Exploits0References11
Zero Day Initiative
Zero Day Initiative
added 2026/06/09 12:0 a.m.15 views

Adobe Acrobat Reader DC TIF File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS5.9AI score0.00239EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/06/05 3:14 a.m.16 views

SUSE CVE-2026-26825

A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...

5.3CVSS5.8AI score0.00214EPSS
Exploits1References3
NVD
NVD
added 2026/06/02 8:16 p.m.13 views

CVE-2021-4478

Dräger CC-Vision Basic before 7.5.3 and Dräger CC-Vision E-Cal before 7.2.5.0 contain an out-of-bounds write vulnerability when loading .gdt files. A crafted .gdt file can trigger a buffer overflow during file parsing, allowing an attacker to crash the application or execute malicious code on the...

8.3CVSS0.00122EPSS
Exploits0References2
CVE
CVE
added 2026/06/02 7:17 p.m.25 views

CVE-2021-4478

Dräger CC-Vision Basic prior to 7.5.3 and CC-Vision E-Cal prior to 7.2.5.0 contain an out-of-bounds write vulnerability when loading .gdt files. A crafted .gdt file can trigger a buffer overflow during parsing, potentially crashing the application or allowing code execution on the host. The avail...

8.3CVSS6.3AI score0.00122EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.15 views

SUSE SLES16 Security Update : localsearch (SUSE-SU-2026:21854-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21854-1 advisory. - CVE-2026-1764: Fixed a heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files...

8.1CVSS5.7AI score0.00246EPSS
Exploits4References13
Rows per page
Query Builder