10 matches found
gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability
A flaw was found in GIMP. A remote attacker can exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted XWD X Window Dump file. This issue occurs due to improper validation of user-supplied data during XWD file parsing, leading to a write past the end of...
gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability
A flaw was found in GIMP. A remote attacker can exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted XWD X Window Dump file. This issue occurs due to improper validation of user-supplied data during XWD file parsing, leading to a write past the end of...
CLSA-2026-1773683117 gimp: Fix of 4 CVEs
CVE-2026-2044: fix uninitialized memory read in PGM file parser - CVE-2026-2045: fix heap buffer overflow in XWD file loader - CVE-2026-2048: fix out-of-bounds write in XWD file loader - CVE-2026-0797: fix missing fread return value checks in ICO file loader...
CVE-2026-27168
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. All versions are vulnerable to Heap-based Buffer Overflow through the XWD parser's use of the bytesperline value. The value os read directly from the file as the read size in...
CVE-2026-2048
GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open ...
gimp: GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
A heap-based buffer overflow in GIMP’s X Window Dump XWD file parser allows an attacker to craft a malicious XWD file or a web page that triggers opening one that can overflow a heap buffer during parsing and lead to remote code execution in the context of the GIMP process. The flaw is tracked as...
OESA-2025-2641 gimp security update
GIMP is a cross-platform image editor available for GNU/Linux, OS X, Windows and more operating systems. It is free software, you can change its source code and distribute your changes. Whether you are a graphic designer, photographer, illustrator, or scientist, GIMP provides you with sophisticat...
CVE-2025-10934 GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...
GIMP 安全漏洞
GIMP is an open source bitmap image editor from the GIMP team. A security vulnerability exists in GIMP that stems from not properly validating the length of user-supplied data when parsing XWD files, which could lead to a heap buffer overflow and remote code execution...
UBUNTU-CVE-2019-15139
The XWD image X Window System window dumping file parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service application crash resulting from an out-of-bounds Read in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability th...