49 matches found

Tenable Nessus
added 2026/04/07 12:00 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2026-35444

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - SDL_image is a library to load images of various formats as SDL surfaces. In do_layer_surface in src/IMG_xcf.c, pixel index values from decoded XCF tile data are us...

CVSS 7.1 | AI score 5.8 | EPSS 0.00012
Exploits: 0 | References: 3

Tenable Nessus
added 2026/03/06 12:00 a.m. | 1 view

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : GIMP vulnerabilities (USN-8075-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8075-1 advisory. Michael Randrianantenaina discovered that calculating the linear size of a DDS file could overflow on...

CVSS 7.8 | AI score 6.1 | EPSS 0.09491
Exploits: 1 | References: 6

Tenable Nessus
added 2026/01/02 12:00 a.m. | 3 views

Debian dla-4431 : gimp - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4431 advisory. Debian LTS Advisory DLA-4431-1...

CVSS 7.8 | AI score 7.6 | EPSS 0.001
Exploits: 2 | References: 8

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2021-20192

Malware in sbrugna...

CVSS 6.1 | AI score 6.2 | EPSS 0.00341
Exploits: 3 | References: 5

NVD
added 2025/08/13 9:15 p.m. | 3 views

CVE-2012-10057

Lattice Semiconductor ispVM System v18.0.2 contains a buffer overflow vulnerability in its handling of .xcf project files. When parsing the version attribute of the ispXCF XML tag, the application fails to properly validate input length, allowing a specially crafted file to overwrite memory on th...

CVSS 8.4 | EPSS 0.02326
Exploits: 0 | References: 5

SUSE CVE
added 2025/05/28 3:20 a.m. | 2 views

SUSE CVE-2025-48798

A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues...

CVSS 7.3 | AI score 7.2 | EPSS 0.00083
Exploits: 0 | References: 7

OSV
added 2025/05/27 2:15 p.m. | 0 views

DEBIAN-CVE-2025-48798

A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues...

CVSS 7.3 | AI score 7.1 | EPSS 0.00083
Exploits: 0 | References: 1

Cvelist
added 2025/05/27 2:05 p.m. | 27 views

CVE-2025-48798 Gimp: multiple use after free in xcf parser

A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues...

CVSS 7.3 | EPSS 0.00083
Exploits: 0 | References: 13

CVE
added 2025/05/27 2:05 p.m. | 79 views

CVE-2025-48798

Summary (CVE-2025-48798): GIMP processing XCF files is vulnerable to memory errors, including use-after-free, triggered by specially crafted images. Connected advisories confirm multiple related GIMP in Xen parsers (XCF/TGA/ICO) vulnerabilities (e.g., CVE-2025-48797, CVE-2025-48798, CVE-2025-547...

CVSS 7.3 | AI score 6.7 | EPSS 0.00083
Exploits: 0 | References: 14

RedhatCVE
added 2025/02/05 5:51 p.m. | 6 views

CVE-2019-5087

An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row's allocation size, that could be exploited to corrupt memory and eventually execute arbitrary...

CVSS 8.8 | AI score 7.3 | EPSS 0.00753
Exploits: 1 | References: 1

CVE
added 2024/11/22 8:46 p.m. | 46 views

CVE-2024-11511

CVE-2024-11511 affects IrfanView via the XCF Plugin. The vulnerability is a heap-based buffer overflow in the parsing of XCF files, caused by the lack of proper validation of the length of user-supplied data before copying to a heap buffer. This can allow remote code execution in the context of ...

CVSS 7.8 | AI score 8.1 | EPSS 0.01419
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2024/11/22 8:46 p.m. | 9 views

CVE-2024-11511 IrfanView XCF Plugin XCF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

IrfanView XCF Plugin XCF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must vis...

CVSS 7.8 | EPSS 0.01419
Exploits: 0 | References: 1

Ubuntu
added 2023/03/29 9:20 p.m. | 54 views

USN-5988-1: Xcftools vulnerabilities

It was discovered that integer overflow vulnerabilities existed in Xcftools. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2019-5086, CVE-2019-5087...

CVSS 8.8 | AI score 8 | EPSS 0.00823
Exploits: 2

OpenVAS
added 2022/08/26 12:00 a.m. | 22 views

Ubuntu: Security Advisory (USN-312-1)

The remote host is missing an update for the...

CVSS 5.1 | AI score 6.6 | EPSS 0.01905
Exploits: 0 | References: 2

OSV
added 2022/05/17 5:15 p.m. | 0 views

DEBIAN-CVE-2022-30067

GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate a huge amount of memory, resulting in insufficient memory or program crash...

CVSS 5.5 | AI score 6.1 | EPSS 0.00084
Exploits: 1 | References: 1

OSV
added 2022/05/17 5:15 p.m. | 0 views

UBUNTU-CVE-2022-30067

GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate a huge amount of memory, resulting in insufficient memory or program crash...

CVSS 5.5 | AI score 6.7 | EPSS 0.00084
Exploits: 1 | References: 3

CNNVD
added 2022/05/17 12:00 a.m. | 2 views

GIMP security vulnerability

GIMP is an open source bitmap image editor from the GIMP team. A security vulnerability exists in GIMP versions 2.10.30 and 2.99.10 that stems from vulnerability to buffer overflows. An attacker exploiting this vulnerability could cause an out of memory or program crash via a crafted XCF file...

CVSS 5.5 | AI score 6.7 | EPSS 0.00084
Exploits: 1 | References: 8

Veracode
added 2020/04/10 12:20 a.m. | 23 views

Arbitrary Code Execution

ImageMagick is vulnerable to arbitrary code execution. A heap-based buffer overflow flaw was found in the way ImageMagick parsed XCF files. If a specially-crafted XCF image was opened, ImageMagick could be made to overwrite heap memory beyond the bounds of its allocate...

CVSS 6.8 | AI score 4.1 | EPSS 0.10772
Exploits: 2 | References: 18 | Affected Software: 1

OSV
added 2019/11/21 4:15 p.m. | 2 views

CVE-2019-5086

An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7. An integer overflow can occur while walking through tiles that could be exploited to corrupt memory and execute arbitrary code. In order to...

CVSS 8.8 | AI score 7.4 | EPSS 0.00823
Exploits: 1 | References: 4

OSV
added 2019/11/21 4:15 p.m. | 0 views

UBUNTU-CVE-2019-5086

An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7. An integer overflow can occur while walking through tiles that could be exploited to corrupt memory and execute arbitrary code. In order to...

CVSS 8.8 | AI score 7.4 | EPSS 0.00823
Exploits: 1 | References: 5