30 matches found
Integer Overflow or Wraparound
Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
CVE-2026-53466
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, an integer overflow in the XCF decoder can result in an out of bounds read when a crafted image is read, potentially resulting in a crash. This issue has been...
CVE-2026-53466
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, an integer overflow in the XCF decoder can result in an out of bounds read when a crafted image is read, potentially resulting in a crash. This issue has been...
Astra Linux – Vulnerability in sdl-image1.2
SDLimage is a library for loading images of various formats as SDL surfaces. In the dolayersurface function in src/IMGxcf.c, pixel index values from decoded XCF tile data are used directly as colormap indices without being validated against the colormap size cmnum. A crafted .xcf file with a smal...
SUSE CVE-2026-35444
SDLimage is a library to load images of various formats as SDL surfaces. In dolayersurface in src/IMGxcf.c, pixel index values from decoded XCF tile data are used directly as colormap indices without validating them against the colormap size cmnum. A crafted .xcf file with a small colormap and...
CVE-2026-35444
SDLimage is a library to load images of various formats as SDL surfaces. In dolayersurface in src/IMGxcf.c, pixel index values from decoded XCF tile data are used directly as colormap indices without validating them against the colormap size cmnum. A crafted .xcf file with a small colormap and...
UBUNTU-CVE-2026-35444
SDLimage is a library to load images of various formats as SDL surfaces. In dolayersurface in src/IMGxcf.c, pixel index values from decoded XCF tile data are used directly as colormap indices without validating them against the colormap size cmnum. A crafted .xcf file with a small colormap and...
EUVD-2026-19527
SDLimage is a library to load images of various formats as SDL surfaces. In dolayersurface in src/IMGxcf.c, pixel index values from decoded XCF tile data are used directly as colormap indices without validating them against the colormap size cmnum. A crafted .xcf file with a small colormap and...
CVE-2026-35444
SDLimage is a library to load images of various formats as SDL surfaces. In dolayersurface in src/IMGxcf.c, pixel index values from decoded XCF tile data are used directly as colormap indices without validating them against the colormap size cmnum. A crafted .xcf file with a small colormap and...
openSUSE 16 Security Update : gimp (openSUSE-SU-2026:20100-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20100-1 advisory. Changes in gimp: - CVE-2025-14422: Fixed PNM File Parsing Integer Overflow bsc1255293 - CVE-2025-14423: Fixed LBM File Parsing Stack-based Buffe...
OPENSUSE-SU-2026:20100-1 Security update for gimp
This update for gimp fixes the following issues: Changes in gimp: - CVE-2025-14422: Fixed PNM File Parsing Integer Overflow bsc1255293 - CVE-2025-14423: Fixed LBM File Parsing Stack-based Buffer Overflow bsc1255294 - CVE-2025-14424: Fixed XCF File Parsing Use-After-Free bsc1255295 - CVE-2025-1442...
CVE-2025-14424 GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability
GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...
CVE-2025-14424
The CVE-2025-14424 issue affects GIMP’s XCF file parsing and is described as a Use-After-Free resulting from not validating the existence of an object before operating on it, enabling potential remote code execution. Connected advisories confirm this vulnerability alongside related CVEs (e.g., CV...
Linux Distros Unpatched Vulnerability : CVE-2019-5058
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2image 2.0.4. A specially crafted XCF image can cause a heap...
gimp: Multiple use after free in XCF parser
A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues...
The vulnerability of the GIMP graphic editor, related to copying buffers without checking the input data, allows a hacker to cause a service failure.
The vulnerability of the GIMP graphic editor relates to the copying of buffers without checking the input data. Exploiting this vulnerability allows a malicious actor to cause service interruptions using a specially created XCF file...
SUSE CVE-2007-4986
Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execute arbitrary code via a crafted 1 .dcm, 2 .dib, 3 .xbm, 4 .xcf, or 5 .xwd image file, which triggers a heap-based buffer overflow...
SUSE CVE-2016-7529
coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service out-of-bounds read via a crafted XCF file...
SUSE CVE-2017-12691
The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service memory consumption via a crafted file...
SUSE CVE-2017-14449
A double-Free vulnerability exists in the XCF image rendering functionality of SDL2image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a specially crafted image to trigger this vulnerability...