
233 matches found

OSV
added 2026/06/14 12:16 p.m. | 4 views

ALPINE-CVE-2026-11526

GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open of filename arguments in makefilehandle. GD::Image::makefilehandle opens a filename argument with Perl's 2-arg open, so a filename that begins or ends with a pipe "| cmd", "cmd |" or begins with a...

CVSS 9.8 | AI score 5.5 | EPSS 0.01353
Exploits 0 | References 1

EUVD
added 2026/06/14 11:39 a.m. | 12 views

EUVD-2026-36659

GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open of filename arguments in makefilehandle. GD::Image::makefilehandle opens a filename argument with Perl's 2-arg open, so a filename that begins or ends with a pipe "| cmd", "cmd |" or begins with a...

AI score 5.4 | EPSS 0.01353
Exploits 0 | References 2

Tenable Nessus
added 2026/05/22 12:0 a.m. | 9 views

Unity Linux 20.1070e Security Update: gd (UTSA-2026-016717)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016717 advisory. gdImageGd2Ptr in gdgd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position is The GD2 image format is a proprietary...

CVSS 7.5 | AI score 6.7 | EPSS 0.02051
Exploits 1 | References 4

Tenable Nessus
added 2026/01/14 12:0 a.m. | 3 views

MiracleLinux 3 : gd-2.0.33-9.4.2.1.AXS3 (AXSA:2010-56:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2010-56:01 advisory. The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood...

CVSS 9.3 | AI score 7 | EPSS 0.1021
Exploits 1 | References 2

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2016-1356

Malware in sbrugna...

CVSS 7.8 | AI score 7.7 | EPSS 0.03715
Exploits 0 | References 17

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2003-0852

Malware in sbrugna...

CVSS 10 | AI score 6.4 | EPSS 0.01422
Exploits 0 | References 3

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2009-1362

Malware in sbrugna...

CVSS 7.5 | AI score 5.7 | EPSS 0.03463
Exploits 0 | References 32

Fedora
added 2024/05/02 1:57 a.m. | 24 views

[SECURITY] Fedora 40 Update: php-tcpdf-6.7.5-1.fc40

PHP class for generating PDF documents. no external libraries are required for the basic functions; all standard page formats, custom page formats, custom margins and units of measure; UTF-8 Unicode and Right-To-Left languages; TrueTypeUnicode, OpenTypeUnicode, TrueType, OpenType, Type1 and CID-0...

CVSS 7.5 | AI score 6.5 | EPSS 0.01325
Exploits 1

F5 Networks
added 2023/02/21 7:58 p.m. | 54 views

K17127: PHP vulnerability CVE-2014-9709

Security Advisory Description: The GetCode function in gdgifin.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the...

CVSS 5 | AI score 7.6 | EPSS 0.15531
Exploits 1 | Affected Software 18

SUSE CVE
added 2023/02/15 6:12 a.m. | 5 views

SUSE CVE-2007-1001

Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or height values...

CVSS 6.8 | AI score 8.1 | EPSS 0.08321
Exploits 1 | References 4

SUSE CVE
added 2023/02/15 6:11 a.m. | 3 views

SUSE CVE-2007-3477

The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value...

CVSS 5 | AI score 6.8 | EPSS 0.04857
Exploits 1 | References 4

SUSE CVE
added 2023/02/15 6:11 a.m. | 5 views

SUSE CVE-2007-3478

Race condition in gdImageStringFTEx (gdftdrawbitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support...

CVSS 4.3 | AI score 7 | EPSS 0.01721
Exploits 0 | References 4

SUSE CVE
added 2023/02/15 6:2 a.m. | 3 views

SUSE CVE-2009-3546

The gdGetColors function in gdgd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different...

CVSS 9.3 | AI score 7.7 | EPSS 0.1021
Exploits 0 | References 6

SUSE CVE
added 2023/02/15 5:10 a.m. | 5 views

SUSE CVE-2015-8874

Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call...

CVSS 7.5 | AI score 9.1 | EPSS 0.08276
Exploits 1 | References 8

SUSE CVE
added 2023/02/15 4:59 a.m. | 3 views

SUSE CVE-2016-6905

The readimagetga function in gdtga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image...

CVSS 6.5 | AI score 8.6 | EPSS 0.02555
Exploits 0 | References 5

SUSE CVE
added 2023/02/15 4:56 a.m. | 5 views

SUSE CVE-2016-8670

Integer signedness error in the dynamicGetbuf function in gdiodp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via...

CVSS 9.8 | AI score 9.8 | EPSS 0.04786
Exploits 0 | References 14

SUSE CVE
added 2023/02/15 4:54 a.m. | 5 views

SUSE CVE-2016-9933

Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that...

CVSS 7.5 | AI score 6.8 | EPSS 0.06927
Exploits 0 | References 9

BDU FSTEC
added 2022/04/25 12:0 a.m. | 5 views

The vulnerability of the GD library for the PHP programming language allows attackers to trigger a service failure.

The vulnerability of the GD library for the PHP programming language arises due to buffer overflow. Exploiting this vulnerability can allow an attacker to cause a service failure through a specially crafted call to the imagefilltoborder function...

CVSS 7.8 | AI score 7.9 | EPSS 0.08276
Exploits 1 | References 8 | Affected Software 3

Tenable Nessus
added 2021/09/28 12:0 a.m. | 32 views

openSUSE 15 Security Update : gd (openSUSE-SU-2021:3236-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:3236-1 advisory. - The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks...

CVSS 6.5 | AI score 6 | EPSS 0.01659
Exploits 0 | References 4

Tenable Nessus
added 2021/09/08 12:0 a.m. | 31 views

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : GD library vulnerabilities (USN-5068-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5068-1 advisory. It was discovered that GD Graphics Library incorrectly handled certain GD and GD2 files. An attacker could possibly use this issu...

CVSS 8.1 | AI score 6.5 | EPSS 0.02051
Exploits 3 | References 4