Lucene search
K

107 matches found

RedhatCVE
RedhatCVE
added 2026/06/25 2:9 a.m.10 views

CVE-2026-2050

A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of HDR High Dynamic Range files due to insufficient validation of user-supplied data length. A remote attacker could exploit this by convincing a user to open a specially crafted malicious file,...

7.8CVSS7.7AI score0.00552EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Gegl

GIMP HDR File Parsing: Heap-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page ...

7.8CVSS7.8AI score0.00452EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/11 12:32 a.m.9 views

EUVD-2026-36156

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.7AI score0.00615EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/10 9:22 p.m.7 views

CVE-2026-2049 GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.7AI score0.00615EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 5:48 p.m.10 views

Improper Validation of Array Index

Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.1CVSS5.9AI score0.00122EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

SUSE SLES12 Security Update : gegl (SUSE-SU-2026:1479-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:1479-1 advisory. This update for gegl fixes the following issue: - CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lea...

7.8CVSS6.1AI score0.00615EPSS
Exploits0References4
OSV
OSV
added 2026/04/20 4:14 p.m.6 views

SUSE-SU-2026:1496-1 Security update for gegl

This update for gegl fixes the following issues: - CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lead to a heap buffer overflow bsc1259749...

7.8CVSS6AI score0.00615EPSS
Exploits0References3
OSV
OSV
added 2026/04/20 10:9 a.m.5 views

SUSE-SU-2026:1481-1 Security update for gegl

This update for gegl fixes the following issue: - CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lead to a heap buffer overflow bsc1259749...

7.8CVSS7.3AI score0.00615EPSS
Exploits0References3
OSV
OSV
added 2026/04/20 10:9 a.m.5 views

SUSE-SU-2026:1479-1 Security update for gegl

This update for gegl fixes the following issue: - CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lead to a heap buffer overflow bsc1259749...

7.8CVSS6AI score0.00615EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/13 11:6 p.m.9 views

Use After Free

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00184EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/12 10:39 p.m.5 views

Stack-based Buffer Overflow

Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.7CVSS5.8AI score0.00096EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/12 2:15 p.m.7 views

Heap-based Buffer Overflow

Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.6CVSS5.8AI score0.00108EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/12 2:15 p.m.6 views

Heap-based Buffer Overflow

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.6CVSS5.8AI score0.00108EPSS
Exploits0References2
OSV
OSV
added 2026/03/12 2:15 p.m.2 views

GHSA-H95R-C8C7-MRWX ImageMagick has heap-based buffer overflow in UHDR encoder

A heap-based buffer overflow in the UHDR encoder can happen due to truncation of a value and it would allow an out of bounds write. ================================================================ ==2158399==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x521000039500 at pc...

6.8CVSS6AI score0.00108EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/09 9:46 p.m.3 views

Stack-based Buffer Overflow

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

8.6CVSS5.9AI score0.00107EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:15 p.m.5 views

Out-of-bounds Read

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

3.3CVSS6.1AI score
Exploits0References3
Snyk
Snyk
added 2026/02/25 7:13 p.m.5 views

Missing Release of Memory after Effective Lifetime

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.9CVSS6AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/02/24 3:39 p.m.8 views

ImageMagick has Global Buffer Overflow (OOB Read) via Negative Pixel Index in UIL and XPM Writer

The UIL and XPM image encoder do not validate the pixel index value returned by GetPixelIndex before using it as an array subscript. In HDRI builds, Quantum is a floating-point type, so pixel index values can be negative. An attacker can craft an image with negative pixel index values to trigger ...

9.1CVSS5.8AI score0.00348EPSS
Exploits0References5Affected Software17
Snyk
Snyk
added 2026/02/24 3:37 p.m.1 views

Division by zero

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

7.5CVSS6AI score0.00385EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 12:53 a.m.6 views

Integer Overflow or Wraparound

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

8.2CVSS6.2AI score0.0042EPSS
Exploits0References2
Rows per page
Query Builder