Lucene search
K

24 matches found

Vulnrichment
Vulnrichment
added 2026/06/10 1:2 p.m.9 views

CVE-2025-71330 image-size 2.0.2 Denial of Service via Malformed ICNS Image Parsing

image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted ICNS image buffer. Attackers can craft an ICNS buffer containing valid magic bytes and a zero-valued entry length field to...

8.7CVSS5.8AI score0.0043EPSS
Exploits1References3
CVE
CVE
added 2026/06/10 1:2 p.m.39 views

CVE-2025-71330

The CVE-2025-71330 issue affects image-size

8.7CVSS5.8AI score0.0043EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.17 views

PT-2026-48404

Name of the Vulnerable Software and Affected Versions image-size versions prior to 2.0.3 Description A denial of service issue exists where remote attackers can permanently block the Node.js event loop by providing a specially crafted ICNS image buffer. By supplying an ICNS buffer with valid magi...

8.7CVSS5.5AI score0.0043EPSS
Exploits1References8
UbuntuCve
UbuntuCve
added 2026/04/15 8:16 p.m.4 views

CVE-2026-40917

A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the icnsslurp function, occurs when processing specially crafted ICNS image files. An attacker could provide a malicious ICNS file, potentially leading to application crashes or information disclosure on systems that process...

7.1CVSS5.8AI score0.00167EPSS
Exploits0References2
OSV
OSV
added 2026/03/11 12:5 p.m.7 views

RLSA-2026:4173 Important: gimp security update

The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP:...

8.8CVSS6.5AI score0.01157EPSS
Exploits0References6
Rockylinux
Rockylinux
added 2026/03/11 12:5 p.m.6 views

gimp security update

An update is available for gimp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The GIMP GNU Image Manipulation Program is an image composition and editing...

8.8CVSS6.4AI score0.01157EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/11 12:0 a.m.7 views

AlmaLinux 9 : gimp (ALSA-2026:4173)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4173 advisory. gimp: GIMP: Remote code execution via heap-based buffer overflow in ICNS file parsing CVE-2026-2047 gimp: GIMP: Remote Code Execution via uninitialized...

8.8CVSS6.5AI score0.01157EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/03/11 12:0 a.m.5 views

RockyLinux 9 : gimp (RLSA-2026:4173)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:4173 advisory. gimp: GIMP: Remote code execution via heap-based buffer overflow in ICNS file parsing CVE-2026-2047 gimp: GIMP: Remote Code Execution via uninitialized...

8.8CVSS6.5AI score0.01157EPSS
Exploits0References11
OSV
OSV
added 2026/03/10 12:0 a.m.6 views

ALSA-2026:4173 Important: gimp security update

The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP:...

8.8CVSS6.4AI score0.01157EPSS
Exploits0References12
OSV
OSV
added 2026/02/20 11:16 p.m.7 views

DEBIAN-CVE-2026-2047

GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...

7.8CVSS7.8AI score0.0062EPSS
Exploits0References1
OSV
OSV
added 2026/02/20 10:23 p.m.6 views

CVE-2026-2047 GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...

7.8CVSS7.6AI score0.0062EPSS
Exploits0References8
CVE
CVE
added 2026/02/20 10:23 p.m.28 views

CVE-2026-2047

The CVE-2026-2047 issue is a heap-based buffer overflow in GIMP’s ICNS file parsing that allows remote code execution. It stems from insufficient validation of the length of user-supplied data before copying to a heap buffer. Exploitation requires user interaction (target visits a malicious page ...

7.8CVSS7.8AI score0.0062EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/20 10:23 p.m.10 views

CVE-2026-2047

GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...

7.8CVSS6.4AI score0.0062EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/02/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-2047

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on...

7.8CVSS7.7AI score0.0062EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2026/02/19 12:0 a.m.6 views

GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ICNS files. Th...

7.8CVSS6.2AI score0.0062EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/05 12:0 a.m.6 views

Alibaba Cloud Linux 3 : 0191: gimp:2.8 (ALINUX3-SA-2025:0191)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0191 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-10920: GIMP ICNS File Parsing...

7.8CVSS8AI score0.02751EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/12/04 12:0 a.m.9 views

TencentOS Server 3: gimp:2.8 (TSSA-2025:0937)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0937 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.8CVSS8AI score0.02751EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.7 views

AlmaLinux 9 : gimp (ALSA-2025:21968)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:21968 advisory. gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2025-10922 gimp: GIMP ICNS File Parsing Out-Of-Bounds Writ...

7.8CVSS7.6AI score0.02751EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2025/11/24 3:50 p.m.4 views

gimp: GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

A remote code execution RCE vulnerability exists in GIMP due to improper bounds checking during the parsing of ICNS image files. When a user opens a specially crafted ICNS file, it can trigger an out-of-bounds write, allowing attackers to execute arbitrary code within the context of the GIMP...

7.8CVSS6.7AI score0.00371EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/29 9:30 p.m.3 views

EUVD-2025-36718

GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open...

7.8CVSS7AI score0.00371EPSS
Exploits0References3
Rows per page
Query Builder