CVE-2017-17789
- EPSS 1.95%
- Veröffentlicht 20.12.2017 09:29:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c.
CVE-2017-17785
- EPSS 1.15%
- Veröffentlicht 20.12.2017 09:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.
CVE-2017-17784
- EPSS 1.46%
- Veröffentlicht 20.12.2017 09:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data.
CVE-2016-4994
- EPSS 3.11%
- Veröffentlicht 12.07.2016 19:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted XCF file.
CVE-2013-1978
- EPSS 4.19%
- Veröffentlicht 12.12.2013 18:55:10
- Zuletzt bearbeitet 29.04.2026 01:13:23
Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an X Window Syste...
CVE-2013-1913
- EPSS 4.07%
- Veröffentlicht 12.12.2013 18:55:10
- Zuletzt bearbeitet 29.04.2026 01:13:23
Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code ...
CVE-2012-5576
- EPSS 6.81%
- Veröffentlicht 18.12.2012 01:55:06
- Zuletzt bearbeitet 16.06.2026 23:47:02
Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.8.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large (1) red, (2) green, or (3) blue color mas...
CVE-2012-4245
- EPSS 4.51%
- Veröffentlicht 31.08.2012 18:55:05
- Zuletzt bearbeitet 16.06.2026 23:44:41
The scriptfu network server in GIMP 2.6 does not require authentication, which allows remote attackers to execute arbitrary commands via the python-fu-eval command.
CVE-2012-3481
- EPSS 5.14%
- Veröffentlicht 25.08.2012 10:29:51
- Zuletzt bearbeitet 16.06.2026 23:43:18
Integer overflow in the ReadImage function in plug-ins/common/file-gif-load.c in the GIF image format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via c...
CVE-2012-3402
- EPSS 4.28%
- Veröffentlicht 25.08.2012 10:29:49
- Zuletzt bearbeitet 16.06.2026 23:43:09
Integer overflow in plug-ins/common/psd.c in the Adobe Photoshop PSD plugin in GIMP 2.2.13 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted channels header value in a PSD image file, w...