VYPR

Gimp

by GIMP

Source repositories

CVEs (82)

  • CVE-2026-2049HigJun 10, 2026
    risk 0.51cvss 7.8epss 0.01

    GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit…

  • CVE-2026-4154HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.00

    GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a…

  • CVE-2026-4153HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.01

    GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit…

  • CVE-2026-4152HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.01

    GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit…

  • CVE-2026-4151HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.01

    GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a…

  • CVE-2026-4150HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.01

    GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a…

  • CVE-2017-17789HigDec 20, 2017
    risk 0.51cvss 7.8epss 0.02

    In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c.

  • CVE-2017-17787HigDec 20, 2017
    risk 0.51cvss 7.8epss 0.01

    In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file-psp.c.

  • CVE-2017-17786HigDec 20, 2017
    risk 0.51cvss 7.8epss 0.01

    In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image.

  • CVE-2017-17785HigDec 20, 2017
    risk 0.51cvss 7.8epss 0.01

    In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.

  • CVE-2017-17784HigDec 20, 2017
    risk 0.51cvss 7.8epss 0.01

    In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data.

  • CVE-2016-4994HigJul 12, 2016
    risk 0.51cvss 7.8epss 0.03

    Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted XCF file.

  • CVE-2026-6384HigApr 15, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw was found in gimp. This buffer overflow vulnerability in the GIF image loading component's `ReadJeffsImage` function allows an attacker to write beyond an allocated buffer by processing a specially crafted GIF file. This can lead to a denial of service or potentially…

  • CVE-2025-48798HigMay 27, 2025
    risk 0.47cvss 7.3epss 0.00

    A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.

  • CVE-2025-48797HigMay 27, 2025
    risk 0.47cvss 7.3epss 0.00

    A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow.

  • CVE-2025-48796HigMay 27, 2025
    risk 0.47cvss 7.3epss 0.00

    A flaw was found in GIMP. The GIMP ani_load_image() function is vulnerable to a stack-based overflow. If a user opens.ANI files, GIMP may be used to store more information than the capacity allows. This flaw allows a malicious ANI file to trigger arbitrary code execution.

  • CVE-2026-40919MedApr 15, 2026
    risk 0.40cvss 6.1epss 0.00

    A flaw was found in GIMP. This vulnerability, a buffer overflow in the `file-seattle-filmworks` plugin, can be exploited when a user opens a specially crafted Seattle Filmworks file. A remote attacker could leverage this to cause a denial of service (DoS), leading to the plugin…

  • CVE-2026-4887MedMar 26, 2026
    risk 0.40cvss 6.1epss 0.01

    A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory…

  • CVE-2026-40918MedApr 15, 2026
    risk 0.36cvss 5.5epss 0.00

    A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service (DoS). This occurs due to a stack-based buffer overflow and an out-of-bounds read in the PVR image loader, causing the application to crash. Systems that…

  • CVE-2026-40915MedApr 15, 2026
    risk 0.36cvss 5.5epss 0.00

    A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability in the FITS image loader by providing a specially crafted FITS file. This integer overflow leads to a zero-byte memory allocation, which is then subjected to a heap buffer overflow when…

Page 1 of 5