
50 matches found

Slackware Linux
added 2026/04/03 11:56 p.m. | 2 views

[slackware-security] krita

New krita packages are available for Slackware 15.0 to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/krita-5.0.2-i586-3slack15.0.txz: Rebuilt. This update fixes a security issue: Heap-based buffer overflow when parsing TGA files. Thanks to pbslxw f...

CVSS 6.7 | AI score 7.3 | EPSS 0.00025
Exploits: 0
Tenable Nessus
added 2026/03/06 12:0 a.m. | 1 view

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : GIMP vulnerabilities (USN-8075-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8075-1 advisory. Michael Randrianantenaina discovered that calculating the linear size of a DDS file could overflow on...

CVSS 7.8 | AI score 6.1 | EPSS 0.09491
Exploits: 1 | References: 6
NVD
added 2025/11/26 6:15 a.m. | 2 views

CVE-2025-59820

In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kis_tga_import.cpp aka KisTgaImport. Control flow proceeds even when a number of pixels becomes negative...

CVSS 6.7 | EPSS 0.00025
Exploits: 0 | References: 4
OSV
added 2025/11/26 6:15 a.m. | 1 view

UBUNTU-CVE-2025-59820

In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kis_tga_import.cpp aka KisTgaImport. Control flow proceeds even when a number of pixels becomes negative...

CVSS 6.7 | AI score 6.1 | EPSS 0.00025
Exploits: 0 | References: 5
CVE
added 2025/11/26 12:0 a.m. | 14 views

CVE-2025-59820

CVE-2025-59820 affects KDE Krita prior to 5.2.13, where loading a manipulated TGA file can trigger a heap-based buffer overflow in KisTgaImport (plugins/impex/tga/kis_tga_import.cpp). Debian/Alpine advisories confirm this can lead to potential arbitrary code execution; fixed packages are provided...

CVSS 6.7 | AI score 7 | EPSS 0.00025
Exploits: 0 | References: 4
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2017-15554

Malware in sbrugna...

CVSS 5.5 | AI score 5.7 | EPSS 0.00276
Exploits: 0 | References: 9
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2020-19511

Malware in sbrugna...

CVSS 8.8 | AI score 8.5 | EPSS 0.05267
Exploits: 0 | References: 4
OSV
added 2025/06/18 3:50 p.m. | 1 view

USN-7579-1 godot vulnerabilities

It was discovered that the Godot Engine did not properly handle certain malformed WebM media files. If the Godot Engine opened a specially crafted WebM file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. CVE-2019-2126 It was discovered that the Godot Engin...

CVSS 9.3 | AI score 7.4 | EPSS 0.0915
Exploits: 0 | References: 4
Tenable Nessus
added 2025/03/05 12:0 a.m. | 10 views

Linux Distros Unpatched Vulnerability : CVE-2021-38115

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - readheadertga in gdtga.c in the GD Graphics Library aka LibGD through 2.3.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafte...

CVSS 6.5 | AI score 6.5 | EPSS 0.00191
Exploits: 1 | References: 2
NVD
added 2024/11/22 10:15 p.m. | 9 views

CVE-2024-9113

FastStone Image Viewer TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to exploit this vulnerability in that the target...

CVSS 7.8 | EPSS 0.00891
Exploits: 0 | References: 1
CVE
added 2024/11/22 9:33 p.m. | 41 views

CVE-2024-9113

CVE-2024-9113 concerns FastStone Image Viewer. The vulnerability stems from the TGA file parsing path, where insufficient validation of user-supplied data can cause an out-of-bounds write, yielding remote code execution in the affected process. Exploitation requires user interaction (visiting a m...

CVSS 7.8 | AI score 8 | EPSS 0.00891
Exploits: 0 | References: 1 | Affected Software: 1
CVE
added 2024/11/22 9:1 p.m. | 39 views

CVE-2024-9746

The CVE-2024-9746 entry describes a vulnerability in Tungsten Automation Power PDF where the TGA file parsing accepts crafted data leading to an out-of-bounds write. This can allow code execution in the context of the affected process. Exploitation requires user interaction (visiting a malicious ...

CVSS 7.8 | AI score 8 | EPSS 0.00717
Exploits: 0 | References: 1 | Affected Software: 1
Tenable Nessus
added 2024/02/07 12:0 a.m. | 31 views

Autodesk Design Review Multiple Vulnerabilities (adsk-sa-2021-0003)

The version of Autodesk Design Review installed on the remote Windows host is a version prior to 2018 hotfix 4. It is, therefore, affected by multiple vulnerabilities. - A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013,...

CVSS 7.8 | AI score 8 | EPSS 0.00666
Exploits: 0 | References: 4
SUSE CVE
added 2023/02/15 4:48 a.m. | 1 view

SUSE CVE-2017-6498

An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS...

CVSS 5.5 | AI score 9.3 | EPSS 0.00276
Exploits: 0 | References: 3
SUSE CVE
added 2023/02/15 3:25 a.m. | 1 view

SUSE CVE-2022-30595

libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files...

CVSS 9.8 | AI score 6.8 | EPSS 0.00604
Exploits: 1 | References: 4
OSV
added 2023/02/03 6:15 p.m. | 1 view

DEBIAN-CVE-2021-36489

Buffer Overflow vulnerability in Allegro through 5.2.6 allows attackers to cause a denial of service via crafted PCX/TGA/BMP files to allegroimage addon...

CVSS 6.5 | AI score 6.4 | EPSS 0.00383
Exploits: 1 | References: 1
Prion
added 2022/10/07 6:15 p.m. | 15 views

Heap overflow

A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code...

CVSS 4.4 | AI score 8 | EPSS 0.00121
Exploits: 0 | References: 1 | Affected Software: 19
CNNVD
added 2022/10/07 12:0 a.m. | 2 views

Autodesk Image Processing Buffer Error Vulnerability

Autodesk Image Processing is an image processing software from the US company Autodesk. A security vulnerability exists in Autodesk Image Processing, which can be exploited by an attacker to execute arbitrary code when the Autodesk Image Processing component writes out of an allocated buffer when...

CVSS 7.8 | AI score 8.1 | EPSS 0.00116
Exploits: 0 | References: 2
OSV
added 2022/07/29 8:15 p.m. | 2 views

CVE-2022-27865

A maliciously crafted TGA or PCX file may be used to write beyond the allocated buffer through DesignReview.exe application while parsing TGA and PCX files. This vulnerability may be exploited to execute arbitrary code...

CVSS 7.8 | AI score 6.2
Exploits: 0 | References: 1
CNVD
added 2022/06/23 12:0 a.m. | 28 views

Autodesk AutoCAD Buffer Error Vulnerability (CNVD-2022-61610)

Autodesk AutoCAD is a professional 3D drawing software from Autodesk, Inc. A security vulnerability exists in Autodesk AutoCAD 2023 and prior versions, which stems from writing beyond the allocated buffer when parsing TGA files, and can be exploited by attackers to execute arbitrary code...

CVSS 7.8 | AI score 5.4 | EPSS 0.00418
Exploits: 0 | References: 1