gimp vulnerabilities and exploits
5
CVSSv2
CVE-2005-0654
gifload.exe in GIMP 2.0.5, 2.2.3, and possibly 2.2.4 allows remote attackers or local users to cause a denial of service (application crash) via the image descriptor (1) height or (2) width fields set to zero.
Gimp Gimp 2.0.5
Gimp Gimp 2.2.3
Gimp Gimp 2.2.4
4.3
CVSSv2
CVE-2022-30067
GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate a huge amount of memory, resulting in insufficient memory or a program crash.
Gimp Gimp 2.99.10
Gimp Gimp 2.10.30
6.8
CVSSv2
CVE-2012-3403
Heap-based buffer overflow in the KiSS CEL file format plug-in in GIMP 2.8.x and previous versions allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a crafted KiSS palette file, which triggers an "invalid free."
Gimp Gimp
6.8
CVSSv2
CVE-2012-3481
Integer overflow in the ReadImage function in plug-ins/common/file-gif-load.c in the GIF image format plug-in in GIMP 2.8.x and previous versions allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via crafted height ...
Gimp Gimp
7.5
CVSSv2
CVE-2012-2763
Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and previous versions, and possibly 2.6.13, allows remote malicious users to execute arbitrary code via a long string in a command to the script-fu server.
Gimp Gimp
2 EDB exploits
6.4
CVSSv2
CVE-2018-12713
GIMP up to and including 2.10.2 makes g_get_tmp_dir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by the gimp_write_and_read_file function in app/tests/test-xcf.c. This might be leveraged by malicious users to overwrit...
Gimp Gimp
6.8
CVSSv2
CVE-2006-4519
Multiple integer overflows in the image loader plug-ins in GIMP prior to 2.2.16 allow user-assisted remote malicious users to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files.
Gimp Gimp
6.8
CVSSv2
CVE-2011-1178
Multiple integer overflows in the load_image function in file-pcx.c in the Personal Computer Exchange (PCX) plugin in GIMP 2.6.x and previous versions allow remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PC...
Gimp Gimp
7.5
CVSSv2
CVE-2012-5576
Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.8.2 allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a large (1) red, (2) green, or (3) blue color mask in an XWD file.
Gimp Gimp
5
CVSSv2
CVE-2007-3126
Gimp prior to 2.8.22 allows context-dependent malicious users to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, a similar issue to CVE-2007-2237.
Gimp Gimp