Lucene search
+L

339 matches found

rocky
rocky
added 2 days ago5 views

gegl04 security update

An update is available for gegl04. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GEGL Generic Graphics Library is a graph-based image processing framework...

7.8CVSS7.3AI score0.00552EPSS
Exploits0
osv
osv
added 2026/07/07 7:44 a.m.4 views

CVE-2026-58384 Gimp: gimp: integer overflow in read_rle_channel()

A flaw was found in GIMP's PSD parser. An integer overflow in readRLEchannel can cause an undersized heap allocation for the RLE row-length table, after which subsequent per-row writes corrupt heap memory. This could lead to memory corruption, potentially resulting in denial of service or arbitra...

7.3CVSS6.2AI score0.00219EPSS
Exploits1References7
alpinelinux
alpinelinux
added 2026/07/06 1:58 p.m.4 views

CVE-2026-58380

A flaw was found in GIMP's PNM file format parser. When parsing a specially crafted PNM file, the pnmscannergettoken function writes a null terminator one byte past the end of a stack-allocated buffer due to an off-by-one error in the loop boundary check. This could lead to memory corruption,...

7.8CVSS6.2AI score0.00216EPSS
Exploits1References5
cvelist
cvelist
added 2026/07/06 1:58 p.m.47 views

CVE-2026-58380 Gimp: gimp: stack buffer overflow in pnmscanner_gettoken()

A flaw was found in GIMP's PNM file format parser. When parsing a specially crafted PNM file, the pnmscannergettoken function writes a null terminator one byte past the end of a stack-allocated buffer due to an off-by-one error in the loop boundary check. This could lead to memory corruption,...

7.3CVSS0.00216EPSS
Exploits1References5
debiancve
debiancve
added 2026/07/06 1:58 p.m.4 views

CVE-2026-58380

A flaw was found in GIMP's PNM file format parser. When parsing a specially crafted PNM file, the pnmscannergettoken function writes a null terminator one byte past the end of a stack-allocated buffer due to an off-by-one error in the loop boundary check. This could lead to memory corruption,...

7.8CVSS6.3AI score0.00216EPSS
Exploits1
osv
osv
added 2026/07/03 7:16 p.m.4 views

UBUNTU-CVE-2026-58379

A flaw was found in GIMP's Paint Shop Pro PSP file format parser. This heap buffer overflow vulnerability allows a remote attacker to cause arbitrary code execution or a denial of service DoS by tricking a user into opening a specially crafted PSP image file. The vulnerability occurs because the...

7.3CVSS6.7AI score0.00233EPSS
Exploits0References6
debiancve
debiancve
added 2026/07/02 7:45 p.m.7 views

CVE-2026-58381

A flaw was found in GIMP's PSP file format parser. A double-free condition occurs in the readlayerblock function when processing a specially crafted PSP file. This could allow an attacker to cause memory corruption, potentially leading to denial of service or arbitrary code execution...

6.1CVSS6.2AI score0.00118EPSS
Exploits0
attackerkb
attackerkb
added 2026/07/02 7:45 p.m.7 views

CVE-2026-58381

A flaw was found in GIMP's PSP file format parser. A double-free condition occurs in the readlayerblock function when processing a specially crafted PSP file. This could allow an attacker to cause memory corruption, potentially leading to denial of service or arbitrary code execution...

6.1CVSS6.1AI score0.00118EPSS
Exploits0References5
euvd
euvd
added 2026/07/02 7:45 p.m.10 views

EUVD-2026-41434

A flaw was found in GIMP's PSP file format parser. A double-free condition occurs in the readlayerblock function when processing a specially crafted PSP file. This could allow an attacker to cause memory corruption, potentially leading to denial of service or arbitrary code execution...

6.1CVSS6.1AI score0.00118EPSS
Exploits0References4
debiancve
debiancve
added 2026/07/01 7:0 p.m.7 views

CVE-2026-55595

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the connected-components option an infinite loop will occur. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26...

4.7CVSS5.8AI score0.0009EPSS
Exploits0
nvd
nvd
added 2026/06/30 6:16 a.m.15 views

CVE-2026-11367

The PixMagix – WordPress Image Editor plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.7.2 via the moveimageonserver function. This makes it possible for authenticated attackers, with author-level access and above, to write files with...

6.5CVSS0.00541EPSS
Exploits0References4
cve
cve
added 2026/06/30 4:30 a.m.20 views

CVE-2026-11367

The PixMagix WordPress Image Editor plugin (versions up to 1.7.2) is affected by a Directory Traversal flaw in move_image_on_server, allowing authenticated users with author+ rights to write attacker-controlled files to arbitrary server paths via the unsanitized layers[].id parameter being concat...

6.5CVSS5.9AI score0.00541EPSS
Exploits0References4
euvd
euvd
added 2026/06/30 4:30 a.m.7 views

EUVD-2026-40253

The PixMagix – WordPress Image Editor plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.7.2 via the moveimageonserver function. This makes it possible for authenticated attackers, with author-level access and above, to write files with...

6.5CVSS5.9AI score0.00541EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/30 12:0 a.m.15 views

PT-2026-53808

Name of the Vulnerable Software and Affected Versions PixMagix – WordPress Image Editor versions prior to 1.7.3 Description Authenticated attackers with author-level access and above can write files with controlled content to arbitrary server locations. The issue occurs because the layers.id...

6.5CVSS6AI score0.00541EPSS
Exploits0References11
patchstack
patchstack
added 2026/06/29 4:17 p.m.6 views

WordPress PixMagix – WordPress Image Editor plugin <= 1.7.2 - Authenticated (Author+) Path Traversal in 'layers[].id' Parameter vulnerability

Authenticated Author+ Path Traversal in 'layers.id' Parameter vulnerability discovered by devploit in WordPress Plugin PixMagix WordPress Image Editor versions = 1.7.2...

6.5CVSS5.8AI score0.00541EPSS
Exploits0References1Affected Software1
astralinux
astralinux
added 2026/06/24 3:11 p.m.11 views

Astra Linux – Vulnerability in GIMP

A flaw was discovered in GIMP’s PSP Paint Shop Pro file parser. A remote attacker could exploit an integer overflow vulnerability in the readcreatorblock function by providing a specially crafted PSP image file. This vulnerability occurs when a 32-bit length value from the file is used for memory...

5.5CVSS7.2AI score0.00494EPSS
Exploits1References2
redhat
redhat
added 2026/06/15 2:9 a.m.15 views

Important: Red Hat Security Advisory: gimp security update

An update for gimp is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

7.8CVSS6.1AI score0.00755EPSS
Exploits1References6
redhat
redhat
added 2026/06/15 2:9 a.m.14 views

gimp: GIMP: Remote Code Execution via PSP file parsing

A flaw was found in GIMP. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted PSP PaintShop Pro file. This flaw is caused by a heap-based buffer overflow, where the application does not properly validate the length of user-supplied data. Successful...

7.8CVSS6.4AI score0.00651EPSS
Exploits0References6
redhat
redhat
added 2026/06/15 2:6 a.m.11 views

gimp: GIMP: Remote Code Execution via PSP file parsing

A flaw was found in GIMP. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted PSP PaintShop Pro file. This flaw is caused by a heap-based buffer overflow, where the application does not properly validate the length of user-supplied data. Successful...

7.8CVSS8AI score0.00651EPSS
Exploits0References6
redhat
redhat
added 2026/06/15 1:49 a.m.12 views

GIMP: GIMP: Arbitrary code execution via specially crafted PSD file

A flaw was found in GIMP. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted PSD Photoshop Document file. This flaw is due to an integer overflow during the parsing of PSD files, which can lead to arbitrary code execution, allowing the attacker to run...

7.8CVSS7.6AI score0.00755EPSS
Exploits0References6
Rows per page
Query Builder