Lucene search
+L

533 matches found

Mageia
Mageia
added 2026/01/17 2:48 a.m.15 views

Updated gimp packages fix security vulnerabilities

XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. CVE-2025-2760 FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. CVE-2025-2761 Multiple heap buffer overflows in tga parser. CVE-2025-48797 Multiple use after free in xcf parser. CVE-2025-48798 XWD File...

7.8CVSS8.1AI score0.07298EPSS
Exploits1References5
OSV
OSV
added 2026/01/16 11:59 a.m.4 views

OESA-2026-1118 gimp security update

The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...

7.8CVSS7.3AI score0.00544EPSS
Exploits1References5
OSV
OSV
added 2026/01/16 11:59 a.m.3 views

OESA-2026-1117 gimp security update

The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...

7.8CVSS7.3AI score0.00544EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.7 views

MiracleLinux 9 : gimp-2.99.8-4.el9_6.2 (AXSA:2025-10549:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10549:03 advisory. gimp: Multiple use after free in XCF parser CVE-2025-48798 gimp: Multiple heap buffer overflows in TGA parser CVE-2025-48797 gimp: GIMP ICO File...

8.8CVSS7.7AI score0.11066EPSS
Exploits0References4
Debian
Debian
added 2026/01/02 3:46 p.m.8 views

[SECURITY] [DLA 4431-1] gimp security update

Debian LTS Advisory DLA-4431-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson January 02, 2026 https://wiki.debian.org/LTS Package : gimp Version : 2.10.22-4+deb11u5 CVE ID : CVE-2022-30067 CVE-2025-14422 CVE-2025-14425 Debian Bug : Several vulnerabilities wer...

7.8CVSS7.3AI score0.00729EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/01/02 12:0 a.m.7 views

Debian dla-4431 : gimp - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4431 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4431-1 [email protected]...

7.8CVSS7.6AI score0.00729EPSS
Exploits2References8
RedhatCVE
RedhatCVE
added 2025/12/24 6:20 a.m.6 views

CVE-2025-14424

A flaw was found in GIMP. This use-after-free vulnerability in the XCF file parsing component allows a remote attacker to execute arbitrary code. Successful exploitation requires user interaction, where a target must open a specially crafted malicious XCF file. This can lead to the execution of...

7.8CVSS7.3AI score0.00539EPSS
Exploits0References5
EUVD
EUVD
added 2025/12/24 12:30 a.m.6 views

EUVD-2025-204981

GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS7AI score0.00539EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/24 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-14424

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...

7.8CVSS7.8AI score0.00539EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/12/23 10:15 p.m.2 views

CVE-2025-14424

GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS7.5AI score0.00539EPSS
Exploits0References3
OSV
OSV
added 2025/12/23 10:15 p.m.4 views

UBUNTU-CVE-2025-14424

GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS6.2AI score0.00539EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/23 9:31 p.m.3 views

CVE-2025-14424 GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability

GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS7.2AI score0.00539EPSS
Exploits0References2
CVE
CVE
added 2025/12/23 9:31 p.m.21 views

CVE-2025-14424

The CVE-2025-14424 issue affects GIMP’s XCF file parsing and is described as a Use-After-Free resulting from not validating the existence of an object before operating on it, enabling potential remote code execution. Connected advisories confirm this vulnerability alongside related CVEs (e.g., CV...

7.8CVSS7.8AI score0.00539EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2025/12/23 9:31 p.m.3 views

CVE-2025-14424

GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS7.8AI score0.00539EPSS
Exploits0
Cvelist
Cvelist
added 2025/12/23 9:31 p.m.30 views

CVE-2025-14424 GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability

GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS0.00539EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/12/23 9:31 p.m.3 views

CVE-2025-14424

GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS7.8AI score0.00539EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/23 12:0 a.m.2 views

GIMP 资源管理错误漏洞

GIMP is an open source bitmap image editor from the GIMP team. A resource management error vulnerability exists in GIMP that stems from a lack of validation of the existence of an object before performing operations on it when parsing XCF files, which could lead to post-release reuse and remote...

7.8CVSS7.8AI score0.00539EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.5 views

TencentOS Server 4: gimp (TSSA-2025:0601)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0601 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.3CVSS7.2AI score0.00191EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.4 views

TencentOS Server 3: gimp:2.8 (TSSA-2025:0473)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0473 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.8CVSS8AI score0.11066EPSS
Exploits0References4
OSV
OSV
added 2025/11/18 12:8 a.m.4 views

OSV-2025-906 Use-of-uninitialized-value in QImage::pixel

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=461199967 Crash type: Use-of-uninitialized-value Crash state: QImage::pixel XCFImageFormat::copyGrayAToRGB XCFImageFormat::copyLayerToImage...

6.9AI score
Exploits0References1
Rows per page
Query Builder