Lucene search
K

1184 matches found

CNNVD
CNNVD
added 2026/04/11 12:0 a.m.7 views

GIMP 输入验证错误漏洞

GIMP is an open-source bitmap image editor developed by the GIMP team. GIMP has a vulnerability related to input validation, which stems from integer overflow during the parsing of PSD files. This vulnerability may lead to remote code execution...

7.8CVSS7.5AI score0.00755EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-4150

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...

7.8CVSS7.8AI score0.00755EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.5 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gimp (SUSE-SU-2026:1193-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1193-1 advisory. - CVE-2026-4150: PSD File Parsing Integer Overflow Remote Code Execution Vulnerability bsc125997...

7.8CVSS7.2AI score0.00755EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/04/05 12:0 a.m.12 views

openSUSE 16 Security Update : python-Pillow (openSUSE-SU-2026:20458-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20458-1 advisory. - CVE-2026-25990: Fixed an out-of-bounds write when opening a specially crafted PSD image. bsc1258125 Tenable has extracted the preceding description...

8.6CVSS6.8AI score0.00367EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/04 12:0 a.m.2 views

Security update for python-Pillow (important)

openSUSE security update: security update for python-pillow ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20458-1 Rating: important References: bsc1258125 Cross-References: CVE-2026-25990 CVSS scores: CVE-2026-25990 SUSE : 7.5...

8.7CVSS6AI score0.00367EPSS
Exploits1References1
OSV
OSV
added 2026/04/01 2:58 p.m.4 views

SUSE-SU-2026:20992-1 Security update for python-Pillow

This update for python-Pillow fixes the following issues: - CVE-2026-25990: Fixed an out-of-bounds write when opening a specially crafted PSD image. bsc1258125...

8.6CVSS6.1AI score0.00367EPSS
Exploits1References3
OSV
OSV
added 2026/04/01 2:57 p.m.6 views

OPENSUSE-SU-2026:20458-1 Security update for python-Pillow

This update for python-Pillow fixes the following issues: - CVE-2026-25990: Fixed an out-of-bounds write when opening a specially crafted PSD image. bsc1258125...

8.6CVSS6.1AI score0.00367EPSS
Exploits1References2
Amazon
Amazon
added 2026/04/01 12:0 a.m.10 views

Important: ImageMagick

Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap information disclosure vulnerability exists in ImageMagick's PSD Adobe Photoshop format handler. When processing a maliciously crafted PS...

9.8CVSS7.2AI score0.00671EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.9 views

Amazon Linux 2 : ImageMagick, --advisory ALAS2-2026-3211 (ALAS-2026-3211)

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3211 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions...

9.8CVSS7AI score0.00671EPSS
Exploits0References86
RedHat Linux
RedHat Linux
added 2026/03/31 4:23 p.m.10 views

pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image

A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure...

8.6CVSS6.4AI score0.00367EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/03/31 4:12 p.m.6 views

pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image

A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure...

8.6CVSS6.6AI score0.00367EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/03/30 12:0 a.m.6 views

Amazon Linux 2023 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2023-2026-1478)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1478 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap information disclosure vulnerability exists in...

9.8CVSS7AI score0.00671EPSS
Exploits0References66
Tenable Nessus
Tenable Nessus
added 2026/03/29 12:0 a.m.4 views

openSUSE 16 Security Update : gimp (openSUSE-SU-2026:20428-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20428-1 advisory. Changes in gimp: - CVE-2026-4150: Fixed PSD file parsing integer overflow vulnerability bsc1259979 = CVE-2026-4151: Fixed ANI file parsing integ...

7.8CVSS7.3AI score0.00755EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2026/03/28 12:28 a.m.7 views

SUSE CVE-2026-26246

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to bound memory allocation when processing PSD image files which allows an authenticated attacker to cause server memory exhaustion and denial of service via uploading a specially crafted PSD file. Mattermost Advisory I...

4.3CVSS5.9AI score0.00221EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/26 9:31 p.m.6 views

EUVD-2026-16339

A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the freadpascalstring function when processing a specially crafted PSD Photoshop Document file. This occurs because the buffer allocated for a Pascal string is not properly null-terminated, leading to an out-of-bounds read whe...

2.8CVSS5.9AI score0.00485EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2026/03/26 9:17 p.m.5 views

CVE-2026-2239

A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the freadpascalstring function when processing a specially crafted PSD Photoshop Document file. This occurs because the buffer allocated for a Pascal string is not properly null-terminated, leading to an out-of-bounds read whe...

6.5CVSS7.1AI score0.00485EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2026/03/26 8:0 p.m.1 views

CVE-2026-2239

A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the freadpascalstring function when processing a specially crafted PSD Photoshop Document file. This occurs because the buffer allocated for a Pascal string is not properly null-terminated, leading to an out-of-bounds read whe...

6.5CVSS6AI score0.00485EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/03/26 8:0 p.m.41 views

CVE-2026-2239 Gimp: gimp: application crash (dos) via crafted psd file due to heap-buffer-overflow

A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the freadpascalstring function when processing a specially crafted PSD Photoshop Document file. This occurs because the buffer allocated for a Pascal string is not properly null-terminated, leading to an out-of-bounds read whe...

2.8CVSS0.00485EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2026/03/26 8:0 p.m.6 views

CVE-2026-2239

A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the freadpascalstring function when processing a specially crafted PSD Photoshop Document file. This occurs because the buffer allocated for a Pascal string is not properly null-terminated, leading to an out-of-bounds read whe...

6.5CVSS7.4AI score0.00485EPSS
Exploits1
Snyk
Snyk
added 2026/03/16 3:30 p.m.3 views

Memory Allocation with Excessive Size Value

Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the PSD file preview. An attacker can exhaust server memory resources by uploading a specially crafted PSD file, potentially leading to a denial of service. Remediation Upgrade...

5.3CVSS5.8AI score0.00221EPSS
Exploits0References3
Rows per page
Query Builder