728 matches found
CVE-2022-42939
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process...
CVE-2022-27870
A maliciously crafted TGA file in Autodesk AutoCAD 2023 may be used to write beyond the allocated buffer while parsing TGA file. This vulnerability may be exploited to execute arbitrary code...
CVE-2022-27865
A maliciously crafted TGA or PCX file may be used to write beyond the allocated buffer through DesignReview.exe application while parsing TGA and PCX files. This vulnerability may be exploited to execute arbitrary code...
Oracle Linux 7 : gimp (ELSA-2025-22866)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-22866 advisory. - Fixes CVE-2025-10922 and CVE-2025-10934 Orabug: 38739185 - Fixes CVE-2025-5473 GIMP ICO File Parsing Integer Overflow Orabug: 38110877 - Fixes...
Debian dla-4395 : krita - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4395 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4395-1 [email protected] https://www.debian.org/lts/security/...
[SECURITY] [DLA 4395-1] krita security update
Debian LTS Advisory DLA-4395-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert December 05, 2025 https://wiki.debian.org/LTS Package : krita Version : 1:4.4.2+dfsg-1+deb11u1 CVE ID : CVE-2025-59820 Loading a manipulated TGA file in krita, an image manipulation...
Debian dsa-6065 : krita - security update
The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6065 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6065-1 [email protected] https://www.debian.org/security/...
[SECURITY] [DSA 6065-1] krita security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6065-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 27, 2025 https://www.debian.org/security/faq -...
CVE-2025-59820
In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kistgaimport.cpp aka KisTgaImport. Control flow proceeds even when a number of pixels becomes negative...
UBUNTU-CVE-2025-59820
In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kistgaimport.cpp aka KisTgaImport. Control flow proceeds even when a number of pixels becomes negative...
CVE-2025-59820
CVE-2025-59820 affects KDE Krita prior to 5.2.13, where loading a manipulated TGA file can trigger a heap-based buffer overflow in KisTgaImport (plugins/impex/tga/kis_tga_import.cpp). Debian/Alpine advisories confirm this can lead to potential arbitrary code execution; fixed packages are provided...
CVE-2025-59820
In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kistgaimport.cpp aka KisTgaImport. Control flow proceeds even when a number of pixels becomes negative...
CVE-2025-59820
In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kistgaimport.cpp aka KisTgaImport. Control flow proceeds even when a number of pixels becomes negative...
CVE-2025-59820
In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kistgaimport.cpp aka KisTgaImport. Control flow proceeds even when a number of pixels becomes negative...
CVE-2025-59820
In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kistgaimport.cpp aka KisTgaImport. Control flow proceeds even when a number of pixels becomes negative...
TencentOS Server 4: gimp (TSSA-2025:0601)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0601 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 3: gimp:2.8 (TSSA-2025:0473)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0473 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Krita TGA File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Krita. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TGA files. Th...
[SECURITY] [DLA 4342-1] gimp security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4342-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler October 22, 2025 https://wiki.debian.org/LTS -...
RockyLinux 9 : gimp (RLSA-2025:9162)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:9162 advisory. gimp: Multiple use after free in XCF parser CVE-2025-48798 gimp: Multiple heap buffer overflows in TGA parser CVE-2025-48797 gimp: GIMP ICO File Parsing...