MAL-2025-21877 Malicious code in graphic (npm)

The package graphic was found to contain malicious code...

DEBIAN-CVE-2025-50422

Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled-face == NULL" assertion failure for cairoftunscaledfontfini in cairo-ft-font.c...

SUSE CVE-2004-0941

Multiple buffer overflows in the gd graphics library libgd 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990...

SUSE CVE-2006-2906

The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw GD library aka libgd 2.0.33 allows remote attackers to cause a denial of service CPU consumption via malformed GIF data that causes an infinite loop...

SUSE CVE-2019-6977

gdImageColorMatch in gdcolormatch.c in the GD Graphics Library aka LibGD 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigg...

UBUNTU-CVE-2017-6363

In the GD Graphics Library aka LibGD through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gdtiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and...

ALPINE-CVE-2016-5116

gdxbm.c in the GD Graphics Library aka libgd before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memory or cause a denial of service stack-based buffer under-read and application crash via a long name...

GD: Multiple vulnerabilities

Background GD is a graphic library for fast image creation. Description Multiple vulnerabilities have been discovered in GD. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, or cause ...

UBUNTU-CVE-2016-6214

gdtga.c in the GD Graphics Library aka libgd before 2.2.3 allows remote attackers to cause a denial of service out-of-bounds read via a crafted TGA file...

Libgd Out-of-Bounds Read Vulnerability

libgd is an open source library for dynamically creating images, which supports the creation of charts, graphs, thumbnails and more. libgd fails to properly parse TGA files, which can be exploited by remote attackers to cause an out-of-bounds read...

UBUNTU-CVE-2016-5766

Integer overflow in the gd2GetHeader function in gdgd2.c in the GD Graphics Library aka libgd before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly ha...

DSA-3215-1 libgd2 - security update

Bulletin has no description...

DEBIAN-CVE-2013-1997

Multiple buffer overflows in X.org libX11 1.5.99.901 1.6 RC1 and earlier allow X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the 1 XAllocColorCells, 2 XkbReadGetDeviceInfoReply, 3 XkbReadGeomShapes, 4 XkbReadGetGeometryReply...

openmotif21 stack overflows in libxpm

Multiple stack-based buffer overflows in 1 xpmParseColors in parse.c, 2 ParseAndPutPixels in create.c, and 3 ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file...