[SECURITY] Fedora 42 Update: vhs-0.9.0-2.fc42

Write terminal GIFs as code for integration testing and demoing your CLI tool s...

CVE-2026-33018 libsixel: Use-After-Free in load_gif()

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a Use-After-Free vulnerability via the loadgif function in fromgif.c, where a single sixelframet object is reused across all frames of an animated GIF and gifinitframe unconditionally...

CVE-2026-33018

libsixel 1.8.7 and prior contain a heap use‑after‑free in load_gif() (fromgif.c): a single sixel_frame_t is reused across all frames of an animated GIF and gif_init_frame() frees/reallocates frame->pixels between frames regardless of reference counts. A callback using sixel_frame_get_pixels() ...

CVE-2026-5313

A flaw was found in Nothings stb. A remote attacker can exploit a vulnerability in the stbigifloadnext function within the GIF Decoder component of the stbimage.h library. This manipulation can lead to a denial of service DoS, making the affected system or application unavailable. The exploit for...

CVE-2026-25535 jsPDF Affected by Client-Side/Server-Side Denial of Service via Malicious GIF Dimensions

jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of the first argument of the addImage method results in denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful GIF file that results in...

Mozilla Firefox ESR < 31.1

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 31.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2014-69 advisory. - Apparent info leak caused by uninitialized memory with malformed GIFsCVE-2014-1564 CVE-2014-1564 Note that Nessus...

Mozilla Thunderbird < 31.1

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 31.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2014-69 advisory. - Apparent info leak caused by uninitialized memory with malformed GIFsCVE-2014-1564 CVE-2014-1564 Note that Nessus...

Mozilla Firefox < 32.0

The version of Firefox installed on the remote Windows host is prior to 32.0. It is, therefore, affected by a vulnerability as referenced in the mfsa2014-69 advisory. - Apparent info leak caused by uninitialized memory with malformed GIFsCVE-2014-1564 CVE-2014-1564 Note that Nessus has not tested...

[SECURITY] Fedora 41 Update: ImageMagick-7.1.1.47-1.fc41

ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed wor...

Exploit for Command Injection in Netgate Pfsense

pfSense 2.7.0 Command Injection Exploit CVE-2023-42326 This...

[SECURITY] Fedora 38 Update: ImageMagick-7.1.1.26-2.fc38

ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed wor...

AsyncRAT Infiltrates Key US Infrastructure Through GIFs and SVGs

By Deeba Ahmed Undetected for Over 11 Months, AsyncRAT Lurked on Systems of Sensitive US Agencies with Critical Infrastructures, reports the… This is a post from HackRead.com Read the original post: AsyncRAT Infiltrates Key US Infrastructure Through GIFs and SVGs...

Fedora: Security Advisory for ImageMagick (FEDORA-2023-edbdccae2a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WhatsApp Upgrades Proxy Feature Against Internet Shutdowns

Meta's WhatsApp has rolled out updates to its proxy feature, allowing more flexibility in the kind of content that can be shared in conversations. This includes the ability to send and receive images, voice notes, files, stickers and GIFs, WhatsApp told The Hacker News. The new features were firs...

WhatsApp Upgrades Proxy Feature Against Internet Shutdowns

Meta's WhatsApp has rolled out updates to its proxy feature, allowing more flexibility in the kind of content that can be shared in conversations. This includes the ability to send and receive images, voice notes, files, stickers and GIFs, WhatsApp told The Hacker News. The new features were firs...

[SECURITY] Fedora 38 Update: ImageMagick-7.1.1.11-1.fc38

ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed wor...

SUSE CVE-2011-2639

Opera before 11.10 does not properly handle hidden animated GIF images, which allows remote attackers to cause a denial of service CPU consumption via an image file that triggers continual repaints...

SUSE CVE-2021-20240

A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker may cause applications to crash or could potentially execute code on the victim system. The highest threat from this...

Microsoft Teams' GIFShell Attack: What Is It and How You Can Protect Yourself from It

Organizations and security teams work to protect themselves from any vulnerability, and often don't realize that risk is also brought on by configurations in their SaaS apps that have not been hardened. The newly published GIFShell attack method, which occurs through Microsoft Teams, is a perfect...

Fedora: Security Advisory for ImageMagick (FEDORA-2022-776925f086)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...