18 matches found
Astra Linux – Vulnerability in GIMP
GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow attacks. Through a specially crafted XCF file, the program will allocate a large amount of memory, leading to insufficient memory resources or the program crashing...
CVE-2025-14424
A flaw was found in GIMP. This use-after-free vulnerability in the XCF file parsing component allows a remote attacker to execute arbitrary code. Successful exploitation requires user interaction, where a target must open a specially crafted malicious XCF file. This can lead to the execution of...
EUVD-2016-8382
Malware in sbrugna...
EUVD-2022-36056
Malicious code in bioql PyPI...
SUSE CVE-2016-4994
Use-after-free vulnerability in the xcfloadimage function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service program crash or possibly execute arbitrary code via a crafted XCF file...
SUSE CVE-2017-2887
An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SDLimage 2.0.1. A specially crafted xcf file can cause a stack-based buffer overflow resulting in potential code execution. An attacker can provide a specially crafted XCF file to trigger this...
SUSE CVE-2017-6501
An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference...
DEBIAN-CVE-2022-32990
An issue in gimplayerinvalidateboundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service DoS...
CVE-2022-32990
An issue in gimplayerinvalidateboundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service DoS...
CVE-2022-32990
An issue in gimplayerinvalidateboundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service DoS...
CVE-2022-32990
An issue in gimplayerinvalidateboundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service DoS...
CVE-2022-32990
CVE-2022-32990 affects GNOME GIMP 2.10.30. The issue is in gimp_layer_invalidate_boundary and can be triggered by a crafted XCF file, leading to an unhandled exception and a Denial of Service (DoS) . Public references (GNOME CVE page, CNVD/CVE trackers) describe the vulnerability consistently; NV...
CVE-2022-30067
GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash...
UBUNTU-CVE-2019-5087
An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row's allocation size, that could be exploited to corrupt memory and eventually execute arbitrary...
PT-2019-17468 · Gimp +2 · Xcftools +2
Name of the Vulnerable Software and Affected Versions: xcftools version 1.0.7 Description: An integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries. This vulnerability can occur while calculating the row's allocation size, potentially...
DEBIAN-CVE-2017-2887
An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SDLimage 2.0.1. A specially crafted xcf file can cause a stack-based buffer overflow resulting in potential code execution. An attacker can provide a specially crafted XCF file to trigger this...
PT-2016-7371 · Imagemagick +2 · Imagemagick +2
Name of the Vulnerable Software and Affected Versions: ImageMagick affected versions not specified Description: The issue allows remote attackers to cause a denial of service, specifically an out-of-bounds read, by using a crafted XCF file. This is related to the coders/xcf.c component in...
DEBIAN-CVE-2016-4994
Use-after-free vulnerability in the xcfloadimage function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service program crash or possibly execute arbitrary code via a crafted XCF file...