Lucene search
K

159 matches found

Cvelist
Cvelist
added 2026/03/26 12:8 p.m.27 views

CVE-2026-4887 Gimp: gimp:memory disclosure and denial of service via specially crafted pcx image

A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible...

6.1CVSS0.00634EPSS
Exploits1References14
RedhatCVE
RedhatCVE
added 2026/03/26 12:8 p.m.3 views

CVE-2026-4887

A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible...

6.1CVSS5.9AI score0.00634EPSS
Exploits1References4
OSV
OSV
added 2026/02/05 5:7 p.m.8 views

CLSA-2026-1770311244 gimp: Fix of 2 CVEs

CVE-2025-14425: fix JP2 image loader buffer overflow by validating pixel buffer size calculation to prevent potential remote code execution - CVE-2025-14422: fix parsing of PNM files to prevent integer overflow leading to remote code execution...

7.8CVSS7.8AI score0.00539EPSS
Exploits1References1
OSV
OSV
added 2026/01/29 3:50 p.m.8 views

CLSA-2026-1769701814 gimp: Fix of 2 CVEs

CVE-2025-14425: fix JP2 image loader buffer overflow by validating pixel buffer size calculation to prevent potential remote code execution - CVE-2025-14422: fix parsing of PNM files to prevent integer overflow leading to remote code execution...

7.8CVSS7.8AI score0.00539EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:7 a.m.7 views

CVE-2019-20056

stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

6.5CVSS6.8AI score0.00935EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-9376

Malware in sbrugna...

8.8CVSS7.7AI score0.01404EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-10612

Malware in sbrugna...

6.5CVSS6.4AI score0.00935EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-9286

Malware in sbrugna...

10CVSS9.5AI score0.02251EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-1816

Malware in sbrugna...

6.8CVSS6.1AI score0.01353EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-6142

Malware in sbrugna...

9.1CVSS9.1AI score0.02796EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-32426

Malicious code in bioql PyPI...

5.5CVSS5.5AI score0.00604EPSS
Exploits1References2
Redos
Redos
added 2025/09/24 12:0 a.m.5 views

ROS-20250924-08

A vulnerability in the LZW decoder of the GdkPixbufc image loading library is related to information disclosure. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information. information GdkPixbufs image loading library vulnerability is related to...

7.5CVSS7.8AI score0.01051EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-0546

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service,...

7.8CVSS7.2AI score0.0113EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-21775

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page c...

8CVSS6.8AI score0.0127EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-19777

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbiloadmain. CVE-2019-19777 Note that...

8.8CVSS7.7AI score0.01404EPSS
Exploits1References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in vite-plugin-image-loader (npm)

The package vite-plugin-image-loader was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-38511 Malicious code in vite-plugin-image-loader (npm)

The package vite-plugin-image-loader was found to contain malicious code...

7.2AI score
Exploits0
Fedora
Fedora
added 2025/08/07 1:13 a.m.7 views

[SECURITY] Fedora 41 Update: gdk-pixbuf2-2.42.12-9.fc41

gdk-pixbuf is an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter...

7.5CVSS7.4AI score0.01051EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/07/07 2:28 a.m.3 views

webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and possibly code execution

A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked in...

8CVSS7.3AI score0.0127EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-27938

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stbimage.h aka the stb image loader 2.19, as used in libsixel and other products, has a reachable assertion in stbicreatepngimageraw. CVE-2022-27938 Note that...

5.5CVSS6.1AI score0.00604EPSS
Exploits1References3
Rows per page
Query Builder