45 matches found
SUSE SLED15 / SLES15 Security Update : gegl (SUSE-SU-2026:1496-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1496-1 advisory. - CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lead to a heap buff...
CLSA-2025-1765989021 gegl04: Fix of CVE-2025-10921
CVE-2025-10921: fix HDR file parsing heap-based buffer overflow vulnerability...
CLSA-2025-1765988423 gegl04: Fix of CVE-2025-10921
CVE-2025-10921: fix HDR file parsing heap-based buffer overflow vulnerability...
SUSE SLES12 Security Update : gegl (SUSE-SU-2025:4382-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:4382-1 advisory. - CVE-2025-10921: Fixed HDR file parsing heap-based buffer overflow that can lead to remote code execution. bsc1250496 Tenable has extracted the...
SUSE-SU-2025:4333-1 Security update for gegl
This update for gegl fixes the following issues: - CVE-2025-10921: Fixed HDR file parsing heap-based buffer overflow that can lead to remote code execution. bsc1250496...
Important: Red Hat Security Advisory: gimp security update
An update for gimp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
gimp: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
A heap-based buffer overflow in GIMP’s HDR RGBE file parsing (CVE-2025-10921 / ZDI-25-910) allows an attacker to execute arbitrary code when a user opens or is tricked into previewing a malicious HDR file. The flaw is caused by missing length validation before copying user-supplied HDR data into a...
CVE-2025-10921
The CVE-2025-10921 issue affects GIMP HDR parsing where HDR file data length is not properly validated before copying to a heap-based buffer, enabling remote code execution with user interaction (visiting a malicious page or opening a malicious file). The connected advisories (SUSE, AlmaLinux, Or...
EUVD-2020-27487
Malware in sbrugna...
EUVD-2016-8373
Malware in sbrugna...
EUVD-2015-8756
Malware in sbrugna...
EUVD-2020-27497
Malware in sbrugna...
K000156693: Multiple ImageMagick vulnerabilities
Security Advisory Description CVE-2016-7101 The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file. CVE-2016-7513 Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a...
SUSE CVE-2016-7520
Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted HDR file...
SAP 3D Visual Enterprise Viewer HDR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
stb stb_image.h has an unspecified vulnerability
stb is a single-file public domain library for C/C++. stb_image.h is one of the image loaders. stb stb_image.h contains a security vulnerability that stems from the HDR loader parsing truncated file-tailed RLE scan lines into an infinitely long zero-length sequence. An attacker could cause a denial o...
SAP 3D Visual Enterprise Viewer HDR File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
CVE-2020-6347
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HDR file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...
Input validation
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HDR file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...