Lucene search
K

596 matches found

NVD
NVD
added 2026/04/11 1:16 a.m.10 views

CVE-2026-4154

GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS0.00596EPSS
Exploits0References16
OSV
OSV
added 2026/04/11 1:16 a.m.5 views

DEBIAN-CVE-2026-4154

GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS7.8AI score0.00596EPSS
Exploits0References1
OSV
OSV
added 2026/04/11 1:16 a.m.6 views

UBUNTU-CVE-2026-4154

GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS6.2AI score0.00596EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/04/11 1:16 a.m.6 views

CVE-2026-4154

GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS7.6AI score0.00596EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/11 12:16 a.m.3 views

CVE-2026-4154

GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS7.6AI score0.00596EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/04/11 12:16 a.m.30 views

CVE-2026-4154

CVE-2026-4154 : GIMP is vulnerable via the parsing of XPM files, due to an integer overflow when allocating a buffer after validating input. This can allow arbitrary code execution in the attacker’s context. Exploitation requires user interaction (e.g., visiting a malicious page or opening a craf...

7.8CVSS7.6AI score0.00596EPSS
Exploits0References16Affected Software1
Cvelist
Cvelist
added 2026/04/11 12:16 a.m.28 views

CVE-2026-4154 GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability

GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS0.00596EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/11 12:16 a.m.10 views

EUVD-2026-21638

GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS7.6AI score0.00596EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/04/11 12:16 a.m.4 views

CVE-2026-4154

GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS7.8AI score0.00596EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/11 12:0 a.m.6 views

GIMP 输入验证错误漏洞

GIMP is an open-source bitmap image editor developed by the GIMP team. GIMP has a vulnerability related to input validation, which stems from integer overflow during the parsing of XPM files. This vulnerability may lead to remote code execution...

7.8CVSS7.5AI score0.00596EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/11 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-4154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...

7.8CVSS7.8AI score0.00596EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.5 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gimp (SUSE-SU-2026:1193-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1193-1 advisory. - CVE-2026-4150: PSD File Parsing Integer Overflow Remote Code Execution Vulnerability bsc125997...

7.8CVSS7.2AI score0.00755EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/03/29 12:0 a.m.4 views

openSUSE 16 Security Update : gimp (openSUSE-SU-2026:20428-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20428-1 advisory. Changes in gimp: - CVE-2026-4150: Fixed PSD file parsing integer overflow vulnerability bsc1259979 = CVE-2026-4151: Fixed ANI file parsing integ...

7.8CVSS7.3AI score0.00755EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/03/27 12:0 a.m.3 views

GIMP < 3.2.0 Multiple Vulnerabilities (macOS)

The version of GIMP installed on the remote macOS host is prior to 3.2.0. It is, therefore, affected by multiple vulnerabilities: - An integer overflow condition exists in PSD file parsing due to improper validation of user-supplied data. An unauthenticated, local attacker can exploit this, via a...

7.8CVSS7.6AI score0.00755EPSS
Exploits0References17
OSV
OSV
added 2026/03/20 10:32 a.m.5 views

CLSA-2026-1774002757 Fix CVE(s): CVE-2026-25898

SECURITY UPDATE: global buffer overflow read in UIL and XPM encoders. - debian/patches/CVE-2026-25898.patch: clamp negative pixel index values to zero in WriteUILImage, WritePICONImage, and WriteXPMImage before using them as array subscripts into the Cixel table. - CVE-2026-25898...

9.1CVSS7.1AI score0.00348EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2026/03/19 12:0 a.m.6 views

GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XPM files. The...

7.8CVSS6.2AI score0.00596EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/06 12:0 a.m.7 views

PT-2026-26461

Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified Description A flaw exists within the parsing of XPM files due to a lack of proper validation of user-supplied data, resulting in an integer overflow before buffer allocation. This can allow a remote attacke...

7.8CVSS7.6AI score0.00755EPSS
Exploits0References61
Ubuntu
Ubuntu
added 2026/03/04 12:11 p.m.8 views

USN-8069-1: ImageMagick vulnerabilities

It was discovered that ImageMagick did not properly decode certain SUN image files. An attacker could use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2026-25897 It was discovered that ImageMagick did not properly validate pix...

9.8CVSS6.2AI score0.00461EPSS
Exploits0
OSV
OSV
added 2026/03/04 12:11 p.m.8 views

USN-8069-1 imagemagick vulnerabilities

It was discovered that ImageMagick did not properly decode certain SUN image files. An attacker could use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2026-25897 It was discovered that ImageMagick did not properly validate pix...

9.8CVSS6AI score0.00461EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/02/25 12:24 a.m.5 views

SUSE CVE-2026-25898

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the UIL and XPM image encoder do not validate the pixel index value returned by GetPixelIndex before using it as an array subscript. In HDRI builds, Quantum is ...

6.5CVSS6AI score0.00348EPSS
Exploits0References6
Rows per page
Query Builder