597 matches found
Astra Linux – Vulnerability in sdl-image1.2
A vulnerable code execution vulnerability exists in the XPM image rendering function of SDL2image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating a buffer that is too small. This buffer can then be written beyond its boundaries, leading to ...
Astra Linux – Vulnerability in sdl-image1.2
There is an exploitable code execution vulnerability in the XPM image rendering functionality of SDL2image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating a buffer that is too small. This buffer can then be written beyond its boundaries, leading to a heap overflow a...
gimp: GIMP: Remote Code Execution via XPM File Parsing Integer Overflow
A flaw was found in GIMP. Remote attackers can exploit this vulnerability by tricking a user into opening a malicious XPM X PixMap image file. This can lead to an an integer overflow during file processing, allowing the attacker to execute arbitrary code on the affected system...
TencentOS Server 3: gimp:2.8 (TSSA-2026:0324)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0324 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
AlmaLinux 8 : gimp:2.8 (ALSA-2026:17533)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:17533 advisory. gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image CVE-2026-4887 gimp: GIMP: Remote Code Execution via XPM File Parsing...
gimp:2.8 security update
An update is available for module.pygobject2, gimp, module.gimp, pygtk2, module.pygtk2, module.python2-pycairo, python2-pycairo, pygobject2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RLSA-2026:17533 Important: gimp:2.8 security update
The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP:Memo...
Important: Red Hat Security Advisory: gimp:2.8 security update
An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
gimp: GIMP: Remote Code Execution via XPM File Parsing Integer Overflow
A flaw was found in GIMP. Remote attackers can exploit this vulnerability by tricking a user into opening a malicious XPM X PixMap image file. This can lead to an an integer overflow during file processing, allowing the attacker to execute arbitrary code on the affected system...
RLSA-2026:16484 Important: gimp security update
The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP:Memo...
Important: gimp:2.8 security update
The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP:Memo...
AlmaLinux 9 : gimp (ALSA-2026:16484)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:16484 advisory. gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image CVE-2026-4887 gimp: GIMP: Remote Code Execution via XPM File Parsing...
RockyLinux 9 : gimp (RLSA-2026:16484)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:16484 advisory. gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image CVE-2026-4887 gimp: GIMP: Remote Code Execution via XPM File Parsing...
ALSA-2026:17533 Important: gimp:2.8 security update
The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP:Memo...
gimp: GIMP: Remote Code Execution via XPM File Parsing Integer Overflow
A flaw was found in GIMP. Remote attackers can exploit this vulnerability by tricking a user into opening a malicious XPM X PixMap image file. This can lead to an an integer overflow during file processing, allowing the attacker to execute arbitrary code on the affected system...
Important: gimp security update
The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP:Memo...
libXpm vulnerable to out-of-bounds read
Overview libXpm provided by X.Org Foundation incorrectly handles malformed XPM files, leading to an out-of-bounds read vulnerability. Out-of-bounds read CWE-125 - CVE-2026-4367 Naoki Wakamatsu reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...
Important: gimp
Issue Overview: GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious...
Amazon Linux 2 : gimp, --advisory ALAS2GIMP-2026-014 (ALASGIMP-2026-014)
The version of gimp installed on the remote host is prior to 2.8.22-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2GIMP-2026-014 advisory. GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to...
CLSA-2026-1776180138 Fix of 12 CVEs
SECURITY UPDATE: fix vulnerability in image handling - debian/patches/CVE-2025-53101.patch: fix vulnerability in image handling - CVE-2025-53101 SECURITY UPDATE: fix vulnerability in image handling - debian/patches/CVE-2025-53014.patch: fix vulnerability in image handling - CVE-2025-53014 SECURIT...