CVE-2024-34600

Improper verification of intent by broadcast receiver vulnerability in Samsung Flow prior to version 4.9.13.0 allows local attackers to copy image files to external storage...

CVE-2021-22234

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.11 before 13.11.7, all versions starting from 13.12 before 13.12.8, and all versions starting from 14.0 before 14.0.4. A specially crafted design image allowed attackers to read arbitrary files on the server...

CVE-2022-27821

Improper boundary check in Quram Agif library prior to SMR Apr-2022 Release 1 allows attackers to cause denial of service via crafted image file...

CVE-2025-15277

FontForge GUtils SGI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2025-68431

libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in HeifPixelImage::overlay. The function computes a negative row length likely from an unclipped overlay rectangle or...

DEBIAN-CVE-2025-14424

GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

CVE-2025-14424

GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via genericunpack. An attacker can achieve arbitrary code execution by tricking a user into opening a specially crafted EXR file that exploits improper validation of user-supplied data, leading to a heap-based...

Heap-based Buffer Overflow

Overview OpenEXR is a Python bindings for the OpenEXR image file format Affected versions of this package are vulnerable to Heap-based Buffer Overflow via genericunpack. An attacker can achieve arbitrary code execution by tricking a user into opening a specially crafted EXR file that exploits...

CVE-2023-53979 MyBB 1.8.32 Authenticated Remote Code Execution via Chained Vulnerabilities

MyBB 1.8.32 contains a chained vulnerability that allows authenticated administrators to bypass avatar upload restrictions and execute arbitrary code. Attackers can modify upload path settings, upload a malicious PHP-embedded image file, and execute commands through the language configuration...

CVE-2025-68469

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.1-14, ImageMagick crashes when processing a crafted TIFF file. Version 7.1.1-14 fixes the issue...

EUVD-2025-204303

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.1-14, ImageMagick crashes when processing a crafted TIFF file. Version 7.1.1-14 fixes the issue...

CVE-2025-68469 ImageMagick vulnerable to heap-buffer-overflow

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.1-14, ImageMagick crashes when processing a crafted TIFF file. Version 7.1.1-14 fixes the issue...

CVE-2025-68469

CVE-2025-68469 affects ImageMagick prior to 7.1.1-14, where processing a specially crafted TIFF file causes a crash. The issue is fixed in 7.1.1-14. For administrators, remediation is to upgrade ImageMagick to 7.1.1-14 or later (per the initial description and connected advisories referencing the...

PT-2025-52258

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.1-14 Description ImageMagick, a free and open-source software used for editing and manipulating digital images, experiences crashes when processing a specially crafted TIFF file. Recommendations Update to...

PT-2025-51985

Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified Description A flaw exists in the parsing of XCF files within GIMP, leading to a use-after-free condition. This allows remote attackers to potentially execute arbitrary code on affected systems. User...

CVE-2023-53876 Academy LMS 6.1 Arbitrary File Upload Vulnerability via Profile Settings

Academy LMS 6.1 contains a file upload vulnerability that allows authenticated users to upload malicious SVG files with stored cross-site scripting payloads. Attackers can inject malicious scripts through the profile avatar upload feature by modifying file extensions and embedding executable...

CVE-2025-14522

CVE-2025-14522 affects baowzh hfly with an unrestricted file upload via the imgFile parameter in /Public/Kindeditor/php/upload_json.php. The root cause is manipulation of imgFile, enabling remote exploitation; exploitation status and affected versions are not clearly defined in the provided detai...

RLSA-2025:22417 Important: gimp:2.8 security update

The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP DCM...

EUVD-2025-200141

Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory...