159 matches found
CVE-2026-4887 Gimp: gimp:memory disclosure and denial of service via specially crafted pcx image
A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible...
CVE-2026-4887
A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible...
CLSA-2026-1770311244 gimp: Fix of 2 CVEs
CVE-2025-14425: fix JP2 image loader buffer overflow by validating pixel buffer size calculation to prevent potential remote code execution - CVE-2025-14422: fix parsing of PNM files to prevent integer overflow leading to remote code execution...
CLSA-2026-1769701814 gimp: Fix of 2 CVEs
CVE-2025-14425: fix JP2 image loader buffer overflow by validating pixel buffer size calculation to prevent potential remote code execution - CVE-2025-14422: fix parsing of PNM files to prevent integer overflow leading to remote code execution...
CVE-2019-20056
stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...
EUVD-2019-9376
Malware in sbrugna...
EUVD-2019-10612
Malware in sbrugna...
EUVD-2016-9286
Malware in sbrugna...
EUVD-2011-1816
Malware in sbrugna...
EUVD-2019-6142
Malware in sbrugna...
EUVD-2022-32426
Malicious code in bioql PyPI...
ROS-20250924-08
A vulnerability in the LZW decoder of the GdkPixbufc image loading library is related to information disclosure. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information. information GdkPixbufs image loading library vulnerability is related to...
Linux Distros Unpatched Vulnerability : CVE-2022-0546
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service,...
Linux Distros Unpatched Vulnerability : CVE-2021-21775
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page c...
Linux Distros Unpatched Vulnerability : CVE-2019-19777
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbiloadmain. CVE-2019-19777 Note that...
Malicious code in vite-plugin-image-loader (npm)
The package vite-plugin-image-loader was found to contain malicious code...
MAL-2025-38511 Malicious code in vite-plugin-image-loader (npm)
The package vite-plugin-image-loader was found to contain malicious code...
[SECURITY] Fedora 41 Update: gdk-pixbuf2-2.42.12-9.fc41
gdk-pixbuf is an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter...
webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and possibly code execution
A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked in...
Linux Distros Unpatched Vulnerability : CVE-2022-27938
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stbimage.h aka the stb image loader 2.19, as used in libsixel and other products, has a reachable assertion in stbicreatepngimageraw. CVE-2022-27938 Note that...