533 matches found
gimp security update
An update is available for gimp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The GIMP GNU Image Manipulation Program is an image composition and editing...
EUVD-2024-33837
Malicious code in bioql PyPI...
EUVD-2022-36056
Malicious code in bioql PyPI...
EUVD-2022-35281
Malicious code in bioql PyPI...
EUVD-2025-16287
Malicious code in bioql PyPI...
CLSA-2025-1758825546 gimp: Fix of CVE-2025-48798
CVE-2025-48798: fix XCF loader use-after-free issues by properly managing layer/channel resources and ensuring safe cleanup during parsing...
ROS-20250911-03
A vulnerability in the GIMP graphical editor is related to integer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system A vulnerability in the GIMP graphical editor is related to an operation exceeding buffer boundaries in memory when...
Linux Distros Unpatched Vulnerability : CVE-2019-5058
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2image 2.0.4. A specially crafted XCF image can cause a heap...
Linux Distros Unpatched Vulnerability : CVE-2025-48798
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be...
CVE-2012-10057
Lattice Semiconductor ispVM System v18.0.2 contains a buffer overflow vulnerability in its handling of .xcf project files. When parsing the version attribute of the ispXCF XML tag, the application fails to properly validate input length, allowing a specially crafted file to overwrite memory on th...
CVE-2012-10057
CVE-2012-10057 affects Lattice ispVM System v18.0.2 and is due to a buffer overflow when parsing the version attribute of the ispXCF XML tag in .xcf project files. This local, no-privilege path enables arbitrary code execution when a crafted .xcf is opened. Exploitation code/module exists (e.g., ...
CVE-2012-10057 Lattice Semiconductor ispVM System 18.0.2 XCF File Handling Buffer Overflow
Lattice Semiconductor ispVM System v18.0.2 contains a buffer overflow vulnerability in its handling of .xcf project files. When parsing the version attribute of the ispXCF XML tag, the application fails to properly validate input length, allowing a specially crafted file to overwrite memory on th...
RLSA-2025:9165 Important: gimp:2.8 security update
The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: Multiple...
Security update for gimp
This update for gimp fixes the following issues: CVE-2025-48797: Fixed two buffer over-reads and one heap-based buffer overflow in its TGA parser bsc1243711. CVE-2025-48798: Fixed two use-after-free bugs and one double free bug in its XCF parser bsc1243712. Patch Instructions: To install this SUS...
SUSE-SU-2025:02164-1 Security update for gimp
This update for gimp fixes the following issues: - CVE-2025-48797: Fixed two buffer over-reads and one heap-based buffer overflow in its TGA parser bsc1243711. - CVE-2025-48798: Fixed two use-after-free bugs and one double free bug in its XCF parser bsc1243712...
AlmaLinux 8 : gimp:2.8 (ALSA-2025:9165)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:9165 advisory. gimp: Multiple use after free in XCF parser CVE-2025-48798 gimp: Multiple heap buffer overflows in TGA parser CVE-2025-48797 gimp: GIMP ICO File Parsing...
AlmaLinux 9 : gimp (ALSA-2025:9162)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:9162 advisory. gimp: Multiple use after free in XCF parser CVE-2025-48798 gimp: Multiple heap buffer overflows in TGA parser CVE-2025-48797 gimp: GIMP ICO File Parsing...
gimp: Multiple use after free in XCF parser
A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues...
gimp: Multiple use after free in XCF parser
A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues...
gimp: Multiple use after free in XCF parser
A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues...