1184 matches found
GIMP 输入验证错误漏洞
GIMP is an open-source bitmap image editor developed by the GIMP team. GIMP has a vulnerability related to input validation, which stems from integer overflow during the parsing of PSD files. This vulnerability may lead to remote code execution...
Linux Distros Unpatched Vulnerability : CVE-2026-4150
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gimp (SUSE-SU-2026:1193-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1193-1 advisory. - CVE-2026-4150: PSD File Parsing Integer Overflow Remote Code Execution Vulnerability bsc125997...
openSUSE 16 Security Update : python-Pillow (openSUSE-SU-2026:20458-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20458-1 advisory. - CVE-2026-25990: Fixed an out-of-bounds write when opening a specially crafted PSD image. bsc1258125 Tenable has extracted the preceding description...
Security update for python-Pillow (important)
openSUSE security update: security update for python-pillow ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20458-1 Rating: important References: bsc1258125 Cross-References: CVE-2026-25990 CVSS scores: CVE-2026-25990 SUSE : 7.5...
SUSE-SU-2026:20992-1 Security update for python-Pillow
This update for python-Pillow fixes the following issues: - CVE-2026-25990: Fixed an out-of-bounds write when opening a specially crafted PSD image. bsc1258125...
OPENSUSE-SU-2026:20458-1 Security update for python-Pillow
This update for python-Pillow fixes the following issues: - CVE-2026-25990: Fixed an out-of-bounds write when opening a specially crafted PSD image. bsc1258125...
Important: ImageMagick
Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap information disclosure vulnerability exists in ImageMagick's PSD Adobe Photoshop format handler. When processing a maliciously crafted PS...
Amazon Linux 2 : ImageMagick, --advisory ALAS2-2026-3211 (ALAS-2026-3211)
The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3211 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions...
pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image
A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure...
pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image
A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure...
Amazon Linux 2023 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2023-2026-1478)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1478 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap information disclosure vulnerability exists in...
openSUSE 16 Security Update : gimp (openSUSE-SU-2026:20428-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20428-1 advisory. Changes in gimp: - CVE-2026-4150: Fixed PSD file parsing integer overflow vulnerability bsc1259979 = CVE-2026-4151: Fixed ANI file parsing integ...
SUSE CVE-2026-26246
Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to bound memory allocation when processing PSD image files which allows an authenticated attacker to cause server memory exhaustion and denial of service via uploading a specially crafted PSD file. Mattermost Advisory I...
EUVD-2026-16339
A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the freadpascalstring function when processing a specially crafted PSD Photoshop Document file. This occurs because the buffer allocated for a Pascal string is not properly null-terminated, leading to an out-of-bounds read whe...
CVE-2026-2239
A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the freadpascalstring function when processing a specially crafted PSD Photoshop Document file. This occurs because the buffer allocated for a Pascal string is not properly null-terminated, leading to an out-of-bounds read whe...
CVE-2026-2239
A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the freadpascalstring function when processing a specially crafted PSD Photoshop Document file. This occurs because the buffer allocated for a Pascal string is not properly null-terminated, leading to an out-of-bounds read whe...
CVE-2026-2239 Gimp: gimp: application crash (dos) via crafted psd file due to heap-buffer-overflow
A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the freadpascalstring function when processing a specially crafted PSD Photoshop Document file. This occurs because the buffer allocated for a Pascal string is not properly null-terminated, leading to an out-of-bounds read whe...
CVE-2026-2239
A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the freadpascalstring function when processing a specially crafted PSD Photoshop Document file. This occurs because the buffer allocated for a Pascal string is not properly null-terminated, leading to an out-of-bounds read whe...
Memory Allocation with Excessive Size Value
Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the PSD file preview. An attacker can exhaust server memory resources by uploading a specially crafted PSD file, potentially leading to a denial of service. Remediation Upgrade...