VYPR
Vendor: Enlightenment

Products: 4
CVEs: 34
Across products: 37
Status: Private

Recent CVEs (34)

  • CVE-2016-4024 (Critical), May 13, 2016
    risk 0.64, cvss 9.8, epss 0.06

    Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which triggers an out-of-bounds heap memory write operation.

  • CVE-2016-3994 (High), May 13, 2016
    risk 0.54, cvss 8.2, epss 0.03

    The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted image, which triggers an out-of-bounds read.

  • CVE-2014-1846 (High), Apr 27, 2018
    risk 0.51, cvss 7.8, epss 0.00

    Enlightenment before 0.17.6 might allow local users to gain privileges via vectors involving the gdb method.

  • CVE-2014-1845 (High), Apr 27, 2018
    risk 0.51, cvss 7.8, epss 0.00

    An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment.

  • CVE-2015-8971 (High), Jan 23, 2017
    risk 0.51, cvss 7.8, epss 0.01

    Terminology 0.7.0 allows remote attackers to execute arbitrary commands via escape sequences that modify the window title and then are written to the terminal, a similar issue to CVE-2003-0063.

  • CVE-2016-3993 (High), May 13, 2016
    risk 0.49, cvss 7.5, epss 0.03

    Off-by-one error in the __imlib_MergeUpdate function in lib/updates.c in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted coordinates.

  • CVE-2014-9771 (High), May 13, 2016
    risk 0.49, cvss 7.5, epss 0.03

    Integer overflow in imlib2 before 1.4.7 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted image, which triggers an invalid read operation.

  • CVE-2014-9764 (High), May 13, 2016
    risk 0.49, cvss 7.5, epss 0.03

    imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a crafted GIF file.

  • CVE-2014-9763 (High), May 13, 2016
    risk 0.49, cvss 7.5, epss 0.03

    imlib2 before 1.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted PNM file.

  • CVE-2014-9762 (High), May 13, 2016
    risk 0.49, cvss 7.5, epss 0.03

    imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap.

  • CVE-2011-5326 (High), May 13, 2016
    risk 0.49, cvss 7.5, epss 0.03

    imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) by drawing a 2x1 ellipse.

  • CVE-2022-37706, Dec 25, 2022
    risk 0.07, cvss (none listed), epss 0.05

    enlightenment_sys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring.

  • CVE-2002-0143, Mar 25, 2002
    risk 0.03, cvss (none listed), epss 0.01

    Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable.

  • CVE-2024-25450, Feb 9, 2024
    risk 0.00, cvss (none listed), epss 0.01

    imlib2 v1.9.1 was discovered to mishandle memory allocation in the function init_imlib_fonts().

  • CVE-2024-25447, Feb 9, 2024
    risk 0.00, cvss (none listed), epss 0.01

    An issue in the imlib_load_image_with_error_return function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image.

  • CVE-2024-25448, Feb 9, 2024
    risk 0.00, cvss (none listed), epss 0.01

    An issue in the imlib_free_image_and_decache function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image.

  • CVE-2020-12761, May 9, 2020
    risk 0.00, cvss (none listed), epss 0.02

    modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map.

  • CVE-2018-20167, Dec 17, 2018
    risk 0.00, cvss (none listed), epss 0.03

    Terminology before 1.3.1 allows Remote Code Execution because popmedia is mishandled, as demonstrated by an unsafe "cat README.md" command when \e}pn is used. A popmedia control sequence can allow the malicious execution of executable file formats registered in the X desktop…

  • CVE-2010-0991, Apr 22, 2010
    risk 0.00, cvss (none listed), epss 0.02

    Multiple heap-based buffer overflows in imlib2 1.4.3 allow context-dependent attackers to execute arbitrary code via a crafted (1) ARGB, (2) XPM, or (3) BMP file, related to the IMAGE_DIMENSIONS_OK macro in lib/image.h.

  • CVE-2008-6079, Feb 6, 2009
    risk 0.00, cvss (none listed), epss 0.03

    imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to "several heap and stack based buffer overflows - partly due to integer overflows."