34 matches found
CVE-2026-58380
A flaw was found in GIMP's PNM file format parser. When parsing a specially crafted PNM file, the pnmscannergettoken function writes a null terminator one byte past the end of a stack-allocated buffer due to an off-by-one error in the loop boundary check. This could lead to memory corruption,...
UBUNTU-CVE-2026-58379
A flaw was found in GIMP's Paint Shop Pro PSP file format parser. This heap buffer overflow vulnerability allows a remote attacker to cause arbitrary code execution or a denial of service DoS by tricking a user into opening a specially crafted PSP image file. The vulnerability occurs because the...
Important: Red Hat Security Advisory: gimp security update
An update for gimp is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
gimp: GIMP: Remote Code Execution via PSP file parsing
A flaw was found in GIMP. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted PSP PaintShop Pro file. This flaw is caused by a heap-based buffer overflow, where the application does not properly validate the length of user-supplied data. Successful...
EUVD-2026-36156
GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...
TencentOS Server 3: gimp:2.8 (TSSA-2026:0324)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0324 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
RLSA-2026:16484 Important: gimp security update
The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP:Memo...
GIMP 安全漏洞
GIMP is an open-source bitmap image editor developed by the GIMP team. GIMP has a security vulnerability, which stems from integer overflow in the FITS image loader. This could lead to a heap buffer overflow when processing specially crafted FITS files, potentially causing denial-of-service attac...
GIMP 安全漏洞
GIMP is an open-source bitmap image editor developed by the GIMP team. GIMP has a security vulnerability, which stems from a stack buffer overflow and out-of-bounds read vulnerabilities in the PVR image loader. This vulnerability may lead to denial-of-service attacks when processing specially...
EUVD-2026-21630
GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...
SUSE CVE-2026-4887
A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible...
[SECURITY] Fedora 43 Update: gimp-3.0.8-5.fc43
GIMP GNU Image Manipulation Program is a powerful image composition and editing program, which can be extremely useful for creating logos and other graphics for web pages. GIMP has many of the tools and filters you would expe ct to find in similar commercial offerings, and some interesting extras...
CLSA-2026-1771956020 gimp: Fix of CVE-2025-15059
CVE-2025-15059: fix PSP file loader to validate channel types for grayscale images, preventing invalid memory access from incorrect offset computation...
CVE-2026-2047
GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...
CVE-2026-2048
GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open ...
CVE-2026-2045 GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open ...
CVE-2026-2044 GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability
GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open...
CVE-2026-0797 GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...
GIMP 缓冲区错误漏洞
GIMP is an open-source bitmap image editor developed by the GIMP team. GIMP has a buffer error vulnerability, which stems from the lack of validation of data provided to users during the parsing of XWD files. This vulnerability may lead to out-of-bounds writing and remote code execution...
gimp security update
2:3.0.4-1.3 - fix CVE-2025-15059...