CVE-2025-15278

CVE-2025-15278 concerns FontForge GUtils XBM file parsing. The flaw is an integer overflow during parsing of pixels in XBM files, caused by inadequate validation of user-supplied data, which leads to an out-of-bounds buffer allocation and allows remote code execution in the affected process. The ...

CVE-2025-15278 FontForge GUtils XBM File Parsing Integer Overflow Remote Code Execution Vulnerability

FontForge GUtils XBM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a malicious...

EUVD-2005-0216

Malware in sbrugna...

SUSE CVE-2008-4069

The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to read uninitialized memory, and possibly obtain sensitive information in opportunistic circumstances, via a crafted XBM image file...

SUSE CVE-2017-14175

In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage due to lack of an EOF End of File check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over th...

CVE-2020-23546

IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM file, related to a "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FORMATS!ReadMosaic+0x0000000000000981...

Qt GUI: Buffer overflow

Background The GUI module and platform plugins for the Qt5 framework. Description It was discovered that Qt GUI’s XBM parser did not properly handle X BitMap files. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time. Resolution Al...

USN-4316-2: GD Graphics Library vulnerabilities

USN-4316-1 fixed a vulnerability in GD Graphics Library. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics...

USN-4316-2 libgd2 vulnerabilities

USN-4316-1 fixed a vulnerability in GD Graphics Library. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics...

USN-4316-1 libgd2 vulnerabilities

It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service. CVE-2018-14553 It was discovered that GD Graphics Library incorrectly handled loading images from X...

USN-4316-1: GD Graphics Library vulnerabilities

It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service. CVE-2018-14553 It was discovered that GD Graphics Library incorrectly handled loading images from X...

Oracle Linux 5 : gtk2 (ELSA-2013-0135)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-0135 advisory. - Fix integer overflow in GdkPixbuf's XBM image file format loader CVE-2012-2370 Resolves: 846252 Tenable has extracted the preceding description block directly...

CentOS Update for gtk2 CESA-2013:0135 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS 5 : gtk2 (CESA-2013:0135)

Updated gtk2 packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

Low: Red Hat Security Advisory: gtk2 security and bug fix update

Updated gtk2 packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

Scientific Linux Security Update : gd on SL4.x, SL5.x i386/x86_64

Multiple issues were discovered in the gd GIF image-handling code. A carefully-crafted GIF file could cause a crash or possibly execute code with the privileges of the application using the gd library. CVE-2006-4484, CVE-2007-3475, CVE-2007-3476 An integer overflow was discovered in the...

ACD Systems ACDSee Products XBM File Handling Buffer Overflow

ACDSee is an image viewer software for Windows developed by ACD Systems. Besides the usual thumbnail viewing of folders and file type conversion, key features of ACDSee include slide show presentations, CD/DVD burning, HTML gallery creation, image folder syncing and editing/indexing of image...

RedHat Update for gd RHSA-2008:0146-01

Check for the Version of gd OpenVAS Vulnerability Test RedHat Update for gd RHSA-2008:0146-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of th...

RedHat Update for gd RHSA-2008:0146-01

Check for the Version of gd OpenVAS Vulnerability Test RedHat Update for gd RHSA-2008:0146-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of th...

libgd NULL pointer dereference when reading a corrupt X bitmap

The gdImageCreateXbm function in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash via unspecified vectors involving a gdImageCreate failure...