UBUNTU-CVE-2026-2047
GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...
CVE-2026-2047 GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...
CVE-2026-0797
GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...
CVE-2026-0797 GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...
CVE-2026-0797
CVE-2026-0797 has concrete details via connected document ZDI-26-050: In GIMP, the ICO file parsing contains a heap-based buffer overflow due to insufficient validation of user-supplied data length before copying to a heap buffer. This enables remote code execution when a user opens a malicious I...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gimp (SUSE-SU-2026:0442-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0442-1 advisory. - CVE-2026-0797: Fixed a heap-based buffer overflow in the parsing of ICO files. bsc1257549 Tenable has...
PT-2026-5438
Name of the Vulnerable Software and Affected Versions: GIMP (affected versions not specified). Description: A flaw exists in the parsing of ICO files, potentially allowing remote attackers to execute arbitrary code. User interaction is required, such as visiting a malicious page or opening a malicious...
GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ICO files. The...
ROS-20251216-7349
A vulnerability in the GIMP image processing library is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by loading a specially crafted ICNS file...
RLSA-2025:21968 Important: gimp security update
The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP DCM...
CVE-2025-13069
The Enable SVG, WebP, and ICO Upload plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 1.1.3. This is due to insufficient file type validation detecting ICO files, allowing double extension files with the appropriate magic bytes to bypass sanitizati...
EUVD-2025-197965
The Enable SVG, WebP, and ICO Upload plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 1.1.2. This is due to insufficient file type validation detecting ICO files, allowing double extension files with the appropriate magic bytes to bypass sanitizati...
CVE-2025-13069 Enable SVG, WebP, and ICO Upload <= 1.1.3 - Authenticated (Author+) Arbitrary File Upload via ICO Upload Bypass
The Enable SVG, WebP, and ICO Upload plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 1.1.3. This is due to insufficient file type validation detecting ICO files, allowing double extension files with the appropriate magic bytes to bypass sanitizati...
UBUNTU-CVE-2025-10920
GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open...
CVE-2025-10920
CVE-2025-10920 is a GIMP vulnerability where ICNS file parsing can cause an out-of-bounds write, enabling remote code execution. The issue stems from insufficient validation while parsing ICNS data, allowing an attacker to write past a buffer in the target process. Several connected advisories no...
GIMP Buffer Error Vulnerability
GIMP is an open source bitmap image editor from the GIMP team. GIMP suffers from a buffer error vulnerability that stems from a lack of proper validation of user-supplied data during ICNS file parsing, which could lead to out-of-bounds writes that could execute arbitrary code in the current proce...