CVE-2026-42144

A flaw was found in the CImg library. An integer overflow vulnerability in the WHD size computation inside loadpnm can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around, allocating an undersized buffer and potentially...

PT-2026-36892

Name of the Vulnerable Software and Affected Versions CImg Library versions prior to commit 4ca26bc Description An integer overflow exists in the load pnm function during the computation of WHD size. A specially crafted PNM, PGM, or PPM file containing large dimension values can cause the...

gimp: GIMP: Remote Code Execution via PNM file parsing integer overflow

A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability during the parsing of a malicious PNM Portable Anymap image file. This issue stems from insufficient validation of user-supplied data, which can lead to an integer overflow before memory allocation...

MGASA-2026-0012 Updated gimp packages fix security vulnerabilities

XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. CVE-2025-2760 FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. CVE-2025-2761 Multiple heap buffer overflows in tga parser. CVE-2025-48797 Multiple use after free in xcf parser. CVE-2025-48798 XWD File...

OESA-2026-1115 gimp security update

The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...

CVE-2025-14422

GIMP PNM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

GIMP PNM File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PNM files. The...

SUSE CVE-2005-3662

Off-by-one buffer overflow in pnmtopng before 2.39, when using the -alpha command line option AlphasOfColor, allows attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted PNM file with exactly 256 colors...

UBUNTU-CVE-2017-9158

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service invalid write and SEGV, related to the pnmloadraw function in input-pnm.c:336:11...