23 matches found
EUVD-2026-36187
ImageMagick: Policy Bypass can Trigger an Out-of-Memory condition...
CVE-2026-4154
GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...
RHSA-2026:5436 Red Hat Security Advisory: gimp:2.8 security update
Bulletin has no description...
EUVD-2026-10397
ImageMagick has heap-based buffer overflow in UHDR encoder...
EUVD-2026-10385
ImageMagick has uninitialized pointer dereference in JBIG decoder...
CVE-2026-28493
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, an integer overflow vulnerability exists in the SIXEL decoer. The vulnerability allows an attacker to perform an out of bounds via a specially crafted image. This vulnerabili...
EUVD-2026-10386
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an uninitialized pointer dereference vulnerability exists in the JBIG decoder due to a missing check. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41...
EUVD-2026-7415
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted profile contain invalid IPTC data may cause an infinite loop when writing it with IPTCTEXT. Versions 7.1.2-15 and 6.9.13-40 contain a patch...
CVE-2025-68618 Magick's failure to limit the depth of SVG file reads caused a DoS attack.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, using Magick to read a malicious SVG file resulted in a DoS attack. Version 7.1.2-12 fixes the issue...
PT-2025-51986
Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified Description A flaw exists in GIMP's parsing of JP2 files, stemming from insufficient validation of user-supplied data length before copying it into a heap-based buffer. This can allow a remote attacker to...
DSA-6014-1 gimp - security update
Bulletin has no description...
RLSA-2025:7417 Important: gimp security update
The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: dds buffe...
Important: gimp security update
The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: Multiple...
dotPDN Paint.NET 代码问题漏洞
dotPDN Paint.NET is a free image and photo editing software for PCs running Windows from dotPDN, Inc. A security vulnerability exists in dotPDN Paint.NET versions prior to 4.1.2 that stems from allowing deserialization of untrusted data...
The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in the possibility of an operation going beyond the buffer in memory, allowing a hacker to execute arbitrary code.
The vulnerability of Adobe After Effects video and dynamic image editing software relates to the execution of operations beyond buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code on the target system...
The vulnerability of Adobe After Effects’ video and dynamic image editing software arises from the use of a null pointer, which allows an attacker to trigger a service failure.
The vulnerability of Adobe After Effects software for video and dynamic image editing is caused by a pointer issue. Exploiting this vulnerability can allow an attacker to cause service failures...
Adobe Patches Critical Photoshop, Digital Edition Flaws
Adobe on Tuesday released its March Security Update, reporting and fixing only two critical flaws: one in Photoshop CC and one in Adobe Digital Editions. Both critical flaws could allow a bad actor to achieve arbitrary code execution in the context of the current user, Adobe said. The company sai...
Shopify: SSRF in Exchange leads to ROOT access in all instances
The Exploit Chain - How to get root access on all Shopify instances 1 - Access Google Cloud Metadata - 1: Create a store partners.shopify.com - 2: Edit the template password.liquid and add the following content: html...
Computerinsel Photoline Remote Code Execution Vulnerability (CNVD-2017-30860)
Computerinsel Photoline is a suite of image editing software. A remote code execution vulnerability exists in the .GIF parsing feature in Computerinsel Photoline version 20.02. A remote attacker can exploit this vulnerability by sending a specially crafted .GIF file to execute code...
PhotoLine Handles JPG Image Memory Corruption Vulnerability
PhotoLine is a professional image editing software from Germany. A memory corruption vulnerability exists in the program's handling of the JPG format. Allowing an attacker to exploit this vulnerability to construct malformed JPG files could crash the program...