Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2012-5576

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-18 Dec, 2012 | 01:00
Updated At-06 Aug, 2024 | 21:14
Rejected At-
Credits

Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.8.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large (1) red, (2) green, or (3) blue color mask in an XWD file.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:18 Dec, 2012 | 01:00
Updated At:06 Aug, 2024 | 21:14
Rejected At:
▼CVE Numbering Authority (CNA)

Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.8.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large (1) red, (2) green, or (3) blue color mask in an XWD file.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://secunia.com/advisories/51479
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/51528
third-party-advisory
x_refsource_SECUNIA
http://git.gnome.org/browse/gimp/commit/?id=2873262fccba12af144ed96ed91be144d92ff2e1
x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2012/11/27/1
mailing-list
x_refsource_MLIST
http://www.mandriva.com/security/advisories?name=MDVSA-2013:082
vendor-advisory
x_refsource_MANDRIVA
http://www.ubuntu.com/usn/USN-1659-1
vendor-advisory
x_refsource_UBUNTU
http://www.securityfocus.com/bid/56647
vdb-entry
x_refsource_BID
http://lists.opensuse.org/opensuse-updates/2013-01/msg00014.html
vendor-advisory
x_refsource_SUSE
http://lists.opensuse.org/opensuse-updates/2012-12/msg00017.html
vendor-advisory
x_refsource_SUSE
http://secunia.com/advisories/50296
third-party-advisory
x_refsource_SECUNIA
https://bugzilla.gnome.org/show_bug.cgi?id=687392
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/51479
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/51528
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://git.gnome.org/browse/gimp/commit/?id=2873262fccba12af144ed96ed91be144d92ff2e1
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.openwall.com/lists/oss-security/2012/11/27/1
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:082
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://www.ubuntu.com/usn/USN-1659-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.securityfocus.com/bid/56647
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://lists.opensuse.org/opensuse-updates/2013-01/msg00014.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://lists.opensuse.org/opensuse-updates/2012-12/msg00017.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://secunia.com/advisories/50296
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://bugzilla.gnome.org/show_bug.cgi?id=687392
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://secunia.com/advisories/51479
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/51528
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://git.gnome.org/browse/gimp/commit/?id=2873262fccba12af144ed96ed91be144d92ff2e1
x_refsource_CONFIRM
x_transferred
http://www.openwall.com/lists/oss-security/2012/11/27/1
mailing-list
x_refsource_MLIST
x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2013:082
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://www.ubuntu.com/usn/USN-1659-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.securityfocus.com/bid/56647
vdb-entry
x_refsource_BID
x_transferred
http://lists.opensuse.org/opensuse-updates/2013-01/msg00014.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://lists.opensuse.org/opensuse-updates/2012-12/msg00017.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://secunia.com/advisories/50296
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://bugzilla.gnome.org/show_bug.cgi?id=687392
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/51479
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/51528
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://git.gnome.org/browse/gimp/commit/?id=2873262fccba12af144ed96ed91be144d92ff2e1
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2012/11/27/1
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:082
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-1659-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.securityfocus.com/bid/56647
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-updates/2013-01/msg00014.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-updates/2012-12/msg00017.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://secunia.com/advisories/50296
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://bugzilla.gnome.org/show_bug.cgi?id=687392
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:18 Dec, 2012 | 01:55
Updated At:29 Apr, 2026 | 01:13

Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.8.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large (1) red, (2) green, or (3) blue color mask in an XWD file.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches

GIMP
gimp
>>gimp>>Versions before 2.8.4(exclusive)
cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarynvd@nist.gov
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://git.gnome.org/browse/gimp/commit/?id=2873262fccba12af144ed96ed91be144d92ff2e1secalert@redhat.com
Patch
Vendor Advisory
http://lists.opensuse.org/opensuse-updates/2012-12/msg00017.htmlsecalert@redhat.com
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-01/msg00014.htmlsecalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/50296secalert@redhat.com
Broken Link
http://secunia.com/advisories/51479secalert@redhat.com
Broken Link
http://secunia.com/advisories/51528secalert@redhat.com
Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2013:082secalert@redhat.com
Broken Link
http://www.openwall.com/lists/oss-security/2012/11/27/1secalert@redhat.com
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/56647secalert@redhat.com
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-1659-1secalert@redhat.com
Patch
Third Party Advisory
https://bugzilla.gnome.org/show_bug.cgi?id=687392secalert@redhat.com
Exploit
Issue Tracking
Patch
Third Party Advisory
http://git.gnome.org/browse/gimp/commit/?id=2873262fccba12af144ed96ed91be144d92ff2e1af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://lists.opensuse.org/opensuse-updates/2012-12/msg00017.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-01/msg00014.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/50296af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/51479af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/51528af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2013:082af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.openwall.com/lists/oss-security/2012/11/27/1af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/56647af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-1659-1af854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
https://bugzilla.gnome.org/show_bug.cgi?id=687392af854a3a-2127-422b-91ae-364da2661108
Exploit
Issue Tracking
Patch
Third Party Advisory
Hyperlink: http://git.gnome.org/browse/gimp/commit/?id=2873262fccba12af144ed96ed91be144d92ff2e1
Source: secalert@redhat.com
Resource:
Patch
Vendor Advisory
Hyperlink: http://lists.opensuse.org/opensuse-updates/2012-12/msg00017.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-updates/2013-01/msg00014.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/50296
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/51479
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/51528
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:082
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://www.openwall.com/lists/oss-security/2012/11/27/1
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/56647
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.ubuntu.com/usn/USN-1659-1
Source: secalert@redhat.com
Resource:
Patch
Third Party Advisory
Hyperlink: https://bugzilla.gnome.org/show_bug.cgi?id=687392
Source: secalert@redhat.com
Resource:
Exploit
Issue Tracking
Patch
Third Party Advisory
Hyperlink: http://git.gnome.org/browse/gimp/commit/?id=2873262fccba12af144ed96ed91be144d92ff2e1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://lists.opensuse.org/opensuse-updates/2012-12/msg00017.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-updates/2013-01/msg00014.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/50296
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/51479
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/51528
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:082
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.openwall.com/lists/oss-security/2012/11/27/1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/56647
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.ubuntu.com/usn/USN-1659-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
Hyperlink: https://bugzilla.gnome.org/show_bug.cgi?id=687392
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Issue Tracking
Patch
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

957Records found

CVE-2010-4543
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-16.27% / 96.56%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PSP) plugin in GIMP 2.6.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a PSP_COMP_RLE (aka RLE compression) image file that begins a long run count at the end of the image. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/aGIMP
Product-gimpn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-1782
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-3.43% / 87.47%
||
7 Day CHG~0.00%
Published-27 Jul, 2011 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PSP) plugin in GIMP 2.6.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a PSP_COMP_RLE (aka RLE compression) image file that begins a long run count at the end of the image. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4543.

Action-Not Available
Vendor-n/aGIMP
Product-gimpn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2012-2763
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-81.72% / 99.60%
||
7 Day CHG~0.00%
Published-12 Jul, 2012 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long string in a command to the script-fu server.

Action-Not Available
Vendor-n/aGIMP
Product-gimpn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2013-1978
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-4.21% / 89.75%
||
7 Day CHG~0.00%
Published-12 Dec, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an X Window System (XWD) image dump with more colors than color map entries.

Action-Not Available
Vendor-n/aThe GNOME ProjectGIMPRed Hat, Inc.
Product-gimpglibenterprise_linuxn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-15059
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.74% / 50.22%
||
7 Day CHG+0.08%
Published-23 Jan, 2026 | 02:49
Updated-30 Jun, 2026 | 12:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28232.

Action-Not Available
Vendor-Red Hat, Inc.GIMP
Product-gimpGIMPRed Hat Enterprise Linux AppStream E4S (v.9.2)Red Hat Enterprise Linux AppStream EUS (v.9.6)Red Hat Enterprise Linux 7Red Hat Enterprise Linux AppStream EUS (v.9.4)Red Hat Enterprise Linux 8Red Hat Enterprise Linux AppStream (v. 9)Red Hat Enterprise Linux AppStream E4S (v.9.0)Red Hat Enterprise Linux 6
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2012-3403
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-4.95% / 91.12%
||
7 Day CHG~0.00%
Published-25 Aug, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the KiSS CEL file format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted KiSS palette file, which triggers an "invalid free."

Action-Not Available
Vendor-n/aGIMP
Product-gimpn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-10921
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.45% / 36.13%
||
7 Day CHG~0.00%
Published-29 Oct, 2025 | 19:29
Updated-26 Feb, 2026 | 16:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of HDR files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27803.

Action-Not Available
Vendor-Debian GNU/LinuxGIMP
Product-debian_linuxgimpGIMP
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-10925
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-2.75% / 84.42%
||
7 Day CHG~0.00%
Published-29 Oct, 2025 | 19:29
Updated-26 Feb, 2026 | 16:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ILBM files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27793.

Action-Not Available
Vendor-GIMP
Product-gimpGIMP
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-10920
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.37% / 29.13%
||
7 Day CHG~0.00%
Published-29 Oct, 2025 | 19:29
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ICNS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27684.

Action-Not Available
Vendor-GIMP
Product-gimpGIMP
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-10922
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.64% / 46.37%
||
7 Day CHG~0.00%
Published-29 Oct, 2025 | 19:29
Updated-26 Feb, 2026 | 16:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DCM files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27863.

Action-Not Available
Vendor-Debian GNU/LinuxGIMP
Product-debian_linuxgimpGIMP
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-2896
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-5.1||MEDIUM
EPSS-12.71% / 95.78%
||
7 Day CHG~0.00%
Published-19 Aug, 2011 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895.

Action-Not Available
Vendor-swi-prologn/aApple Inc.GIMP
Product-swi-prologcupsgimpn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2010-4541
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-9.3||HIGH
EPSS-6.81% / 93.23%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long "Number of lights" field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself.

Action-Not Available
Vendor-n/aGIMP
Product-gimpn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2010-4542
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-5.57% / 91.92%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb function in plug-ins/gfig/gfig-style.c in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Foreground field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/aGIMP
Product-gimpn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2010-4540
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-6.07% / 92.52%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the load_preset_response function in plug-ins/lighting/lighting-ui.c in the "LIGHTING EFFECTS > LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Position field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/aGIMP
Product-gimpn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-4152
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.74% / 50.22%
||
7 Day CHG+0.08%
Published-11 Apr, 2026 | 00:15
Updated-30 Jun, 2026 | 12:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28863.

Action-Not Available
Vendor-Red Hat, Inc.GIMP
Product-gimpGIMPRed Hat Enterprise Linux AppStream E4S (v.9.2)Red Hat Enterprise Linux AppStream EUS (v.9.6)Red Hat Enterprise Linux 7Red Hat Enterprise Linux AppStream E4S (v.9.4)Red Hat Enterprise Linux 8Red Hat Enterprise Linux AppStream (v. 9)Red Hat Enterprise Linux AppStream E4S (v.9.0)Red Hat Enterprise Linux 6
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-4153
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.65% / 46.70%
||
7 Day CHG+0.09%
Published-11 Apr, 2026 | 00:16
Updated-30 Jun, 2026 | 12:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28874.

Action-Not Available
Vendor-Red Hat, Inc.GIMP
Product-gimpGIMPRed Hat Enterprise Linux AppStream EUS (v.9.6)Red Hat Enterprise Linux AppStream AUS (v.8.6)Red Hat Enterprise Linux AppStream E4S (v.8.6)Red Hat Enterprise Linux AppStream E4S (v.9.4)Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)Red Hat Enterprise Linux AppStream TUS (v.8.8)Red Hat Enterprise Linux AppStream (v. 9)Red Hat Enterprise Linux AppStream (v. 8)Red Hat Enterprise Linux Server (v. 7 ELS)Red Hat Enterprise Linux 6Red Hat Enterprise Linux Server Optional (v. 7 ELS)Red Hat Enterprise Linux AppStream E4S (v.9.2)Red Hat Enterprise Linux AppStream TUS (v.8.6)Red Hat Enterprise Linux AppStream E4S (v.8.8)Red Hat Enterprise Linux AppStream AUS (v.8.4)Red Hat Enterprise Linux AppStream E4S (v.9.0)
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-40916
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-0.21% / 11.28%
||
7 Day CHG~0.00%
Published-15 Apr, 2026 | 18:58
Updated-02 Jul, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gimp: gimp: denial of service due to stack buffer overflow in tim image loader

A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service (DoS). By opening a specially crafted TIM image file, the application crashes due to an unconditional overflow when writing to a variable-length array.

Action-Not Available
Vendor-Red Hat, Inc.GIMP
Product-gimpenterprise_linuxRed Hat Enterprise Linux 9Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-40919
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.33% / 24.98%
||
7 Day CHG~0.00%
Published-15 Apr, 2026 | 18:59
Updated-28 Apr, 2026 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gimp: gimp: denial of service via specially crafted seattle filmworks file

A flaw was found in GIMP. This vulnerability, a buffer overflow in the `file-seattle-filmworks` plugin, can be exploited when a user opens a specially crafted Seattle Filmworks file. A remote attacker could leverage this to cause a denial of service (DoS), leading to the plugin crashing and potentially impacting the stability of the GIMP application.

Action-Not Available
Vendor-GIMPRed Hat, Inc.
Product-gimpenterprise_linuxRed Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 9Red Hat Enterprise Linux 8
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-17785
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.15% / 63.12%
||
7 Day CHG~0.00%
Published-20 Dec, 2017 | 09:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.

Action-Not Available
Vendor-n/aCanonical Ltd.GIMPDebian GNU/Linux
Product-debian_linuxubuntu_linuxgimpn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-17789
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.95% / 77.81%
||
7 Day CHG~0.00%
Published-20 Dec, 2017 | 09:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c.

Action-Not Available
Vendor-n/aCanonical Ltd.GIMPDebian GNU/Linux
Product-debian_linuxubuntu_linuxgimpn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-2045
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.3||HIGH
EPSS-0.57% / 42.83%
||
7 Day CHG+0.05%
Published-20 Feb, 2026 | 22:23
Updated-30 Jun, 2026 | 12:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28265.

Action-Not Available
Vendor-Red Hat, Inc.GIMP
Product-gimpGIMPRed Hat Enterprise Linux AppStream EUS (v.9.6)Red Hat Enterprise Linux AppStream AUS (v.8.6)Red Hat Enterprise Linux AppStream E4S (v.8.6)Red Hat Enterprise Linux 7Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)Red Hat Enterprise Linux AppStream TUS (v.8.8)Red Hat Enterprise Linux AppStream (v. 9)Red Hat Enterprise Linux AppStream (v. 8)Red Hat Enterprise Linux 6Red Hat Enterprise Linux AppStream E4S (v.9.2)Red Hat Enterprise Linux AppStream AUS (v. 8.2)Red Hat Enterprise Linux AppStream TUS (v.8.6)Red Hat Enterprise Linux AppStream E4S (v.8.8)Red Hat Enterprise Linux AppStream EUS (v.9.4)Red Hat Enterprise Linux AppStream AUS (v.8.4)Red Hat Enterprise Linux AppStream E4S (v.9.0)
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-2047
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.62% / 45.34%
||
7 Day CHG+0.05%
Published-20 Feb, 2026 | 22:23
Updated-30 Jun, 2026 | 12:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ICNS files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28530.

Action-Not Available
Vendor-Red Hat, Inc.GIMP
Product-gimpGIMPRed Hat Enterprise Linux AppStream (v. 9)Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 7
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-2048
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.62% / 45.44%
||
7 Day CHG+0.10%
Published-20 Feb, 2026 | 22:23
Updated-30 Jun, 2026 | 12:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28591.

Action-Not Available
Vendor-Red Hat, Inc.GIMP
Product-gimpGIMPRed Hat Enterprise Linux AppStream EUS (v.9.6)Red Hat Enterprise Linux AppStream AUS (v.8.6)Red Hat Enterprise Linux AppStream E4S (v.8.6)Red Hat Enterprise Linux 7Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)Red Hat Enterprise Linux AppStream TUS (v.8.8)Red Hat Enterprise Linux AppStream (v. 9)Red Hat Enterprise Linux AppStream (v. 8)Red Hat Enterprise Linux 6Red Hat Enterprise Linux AppStream E4S (v.9.2)Red Hat Enterprise Linux AppStream AUS (v. 8.2)Red Hat Enterprise Linux AppStream TUS (v.8.6)Red Hat Enterprise Linux AppStream E4S (v.8.8)Red Hat Enterprise Linux AppStream EUS (v.9.4)Red Hat Enterprise Linux AppStream AUS (v.8.4)Red Hat Enterprise Linux AppStream E4S (v.9.0)
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-0797
Matching Score-6
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-6
Assigner-Trend Micro, Inc.
CVSS Score-8.8||HIGH
EPSS-1.16% / 63.18%
||
7 Day CHG+0.49%
Published-20 Feb, 2026 | 22:10
Updated-30 Jun, 2026 | 12:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ICO files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28599.

Action-Not Available
Vendor-Red Hat, Inc.GIMP
Product-gimpGIMPRed Hat Enterprise Linux AppStream EUS (v.9.6)Red Hat Enterprise Linux AppStream AUS (v.8.6)Red Hat Enterprise Linux AppStream E4S (v.8.6)Red Hat Enterprise Linux 7Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)Red Hat Enterprise Linux AppStream TUS (v.8.8)Red Hat Enterprise Linux AppStream (v. 9)Red Hat Enterprise Linux AppStream (v. 8)Red Hat Enterprise Linux 6Red Hat Enterprise Linux AppStream E4S (v.9.2)Red Hat Enterprise Linux AppStream AUS (v. 8.2)Red Hat Enterprise Linux AppStream TUS (v.8.6)Red Hat Enterprise Linux AppStream E4S (v.8.8)Red Hat Enterprise Linux AppStream EUS (v.9.4)Red Hat Enterprise Linux AppStream AUS (v.8.4)Red Hat Enterprise Linux AppStream E4S (v.9.0)
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2009-0733
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-5.53% / 91.87%
||
7 Day CHG~0.00%
Published-23 Mar, 2009 | 14:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.

Action-Not Available
Vendor-littlecmsn/aGIMPMozilla CorporationSun Microsystems (Oracle Corporation)
Product-little_cmsopenjdkfirefoxgimpn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-2761
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-1.43% / 69.81%
||
7 Day CHG~0.00%
Published-23 Apr, 2025 | 16:47
Updated-03 Nov, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FLI files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25100.

Action-Not Available
Vendor-GIMP
Product-gimpGIMP
CWE ID-CWE-787
Out-of-bounds Write
CVE-2007-2356
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-15.67% / 96.45%
||
7 Day CHG~0.00%
Published-30 Apr, 2007 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file.

Action-Not Available
Vendor-n/aGIMP
Product-gimpn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2014-1514
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-6.09% / 92.54%
||
7 Day CHG~0.00%
Published-19 Mar, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSESUSERed Hat, Inc.Mozilla CorporationDebian GNU/Linux
Product-thunderbirdsuse_linux_enterprise_software_development_kitdebian_linuxubuntu_linuxseamonkeyenterprise_linux_server_tusenterprise_linux_desktopenterprise_linux_server_eusenterprise_linux_server_ausfirefoxenterprise_linux_serverenterprise_linux_workstationsuse_linux_enterprise_serverenterprise_linux_eussuse_linux_enterprise_desktopopensusen/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2014-2073
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.90% / 91.03%
||
7 Day CHG~0.00%
Published-10 Apr, 2018 | 15:00
Updated-06 Aug, 2024 | 09:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in Dassault Systemes CATIA V5-6R2013 allows remote attackers to execute arbitrary code via a crafted packet, related to "CATV5_Backbone_Bus."

Action-Not Available
Vendor-n/aDassault Systèmes S.E. (3DS)
Product-catian/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-1010043
Matching Score-4
Assigner-7556d962-6fb7-411e-85fa-6cd62f095ba8
ShareView Details
Matching Score-4
Assigner-7556d962-6fb7-411e-85fa-6cd62f095ba8
CVSS Score-9.8||CRITICAL
EPSS-2.31% / 81.25%
||
7 Day CHG~0.00%
Published-16 Jul, 2019 | 13:11
Updated-05 Aug, 2024 | 03:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Quake3e < 5ed740d is affected by: Buffer Overflow. The impact is: Possible code execution and denial of service. The component is: Argument string creation.

Action-Not Available
Vendor-quake3e_projectQuake3e
Product-quake3eQuake3e
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-28592
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.1||HIGH
EPSS-2.54% / 83.09%
||
7 Day CHG~0.00%
Published-15 Apr, 2021 | 13:40
Updated-04 Aug, 2024 | 16:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer overflow vulnerability exists in the configuration server functionality of the Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to remote code execution. An attacker can send a malicious packet to trigger this vulnerability.

Action-Not Available
Vendor-cosorin/a
Product-cs158-af_firmwarecs158-afCosori
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-2368
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.53% / 40.82%
||
7 Day CHG~0.00%
Published-17 Mar, 2025 | 08:00
Updated-06 Jan, 2026 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WebAssembly wabt Malformed File binary-reader-interp.cc OnExport heap-based overflow

A vulnerability was found in WebAssembly wabt 1.0.36 and classified as critical. This issue affects the function wabt::interp::(anonymous namespace)::BinaryReaderInterp::OnExport of the file wabt/src/interp/binary-reader-interp.cc of the component Malformed File Handler. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.

Action-Not Available
Vendor-webassemblyWebAssembly
Product-wabtwabt
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-29016
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-9.8||CRITICAL
EPSS-3.30% / 87.02%
||
7 Day CHG~0.00%
Published-14 Jan, 2021 | 16:04
Updated-25 Oct, 2024 | 14:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.5 and version before 6.2.4 may allow an unauthenticated, remote attacker to overwrite the content of the stack and potentially execute arbitrary code by sending a crafted request with a large certname.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortinet FortiWeb
CWE ID-CWE-787
Out-of-bounds Write
CVE-2014-0133
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-9.29% / 94.76%
||
7 Day CHG~0.00%
Published-28 Mar, 2014 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the SPDY implementation in nginx 1.3.15 before 1.4.7 and 1.5.x before 1.5.12 allows remote attackers to execute arbitrary code via a crafted request.

Action-Not Available
Vendor-n/aopenSUSEF5, Inc.
Product-nginxopensusen/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-27337
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-1.46% / 70.46%
||
7 Day CHG~0.00%
Published-22 Dec, 2020 | 21:04
Updated-30 Sep, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Treck IPv6 before 6.0.1.68. Improper Input Validation in the IPv6 component allows an unauthenticated remote attacker to cause an Out of Bounds Write, and possibly a Denial of Service via network access.

Action-Not Available
Vendor-treckn/a
Product-ipv6n/a
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2014-0011
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.49% / 82.72%
||
7 Day CHG~0.00%
Published-02 Jan, 2020 | 19:34
Updated-06 Aug, 2024 | 08:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple heap-based buffer overflows in the ZRLE_DECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, when NDEBUG is enabled, allow remote VNC servers to cause a denial of service (vncviewer crash) and possibly execute arbitrary code via vectors related to screen image rendering.

Action-Not Available
Vendor-tigervncTigerVNC
Product-tigervncTigerVNC
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-27297
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-2.41% / 82.09%
||
7 Day CHG~0.00%
Published-26 Jan, 2021 | 19:06
Updated-04 Aug, 2024 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The affected product is vulnerable to a heap-based buffer overflow, which may allow an attacker to manipulate memory with controlled values and remotely execute code on the OPC UA Tunneller (versions prior to 6.3.0.8233).

Action-Not Available
Vendor-n/aHoneywell International Inc.
Product-opc_ua_tunnellerOPC UA Tunneller
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-16227
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.96% / 77.93%
||
7 Day CHG~0.00%
Published-11 Sep, 2019 | 14:47
Updated-05 Aug, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in py-lmdb 0.97. For certain values of mn_flags, mdb_cursor_set triggers a memcpy with an invalid write operation within mdb_xcursor_init1. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.

Action-Not Available
Vendor-py-lmdb_projectn/a
Product-py-lmdbn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-26537
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.15% / 62.97%
||
7 Day CHG+0.01%
Published-02 Oct, 2020 | 08:01
Updated-04 Aug, 2024 | 15:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Foxit Reader and PhantomPDF before 10.1. In a certain Shading calculation, the number of outputs is unequal to the number of color components in a color space. This causes an out-of-bounds write.

Action-Not Available
Vendor-n/aFoxit Software Incorporated
Product-phantompdffoxit_readern/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-2151
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.55% / 41.86%
||
7 Day CHG-0.01%
Published-10 Mar, 2025 | 13:00
Updated-28 May, 2025 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Open Asset Import Library Assimp File ParsingUtils.h GetNextLine stack-based overflow

A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h of the component File Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-assimpOpen Asset Import Library
Product-assimpAssimp
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-2152
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.48% / 38.29%
||
7 Day CHG~0.00%
Published-10 Mar, 2025 | 13:31
Updated-12 May, 2025 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Open Asset Import Library Assimp File BaseImporter.cpp ConvertToUTF8 heap-based overflow

A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File Handler. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-assimpOpen Asset Import Library
Product-assimpAssimp
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2013-4365
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-13.14% / 95.89%
||
7 Day CHG~0.00%
Published-17 Oct, 2013 | 23:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors.

Action-Not Available
Vendor-n/aopenSUSESUSEThe Apache Software FoundationDebian GNU/Linux
Product-debian_linuxcloudmod_fcgidopensuselinux_enterprise_software_development_kithttp_servern/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-2501
Matching Score-4
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-4
Assigner-QNAP Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.94% / 85.44%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 03:25
Updated-16 Sep, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack Buffer Overflow in Surveillance Station

A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance Station 5.1.5.4.3 (and later) for ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS) Surveillance Station 5.1.5.3.3 (and later) for ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS)

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-surveillance_stationnasSurveillance Station
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-25462
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.93% / 77.59%
||
7 Day CHG~0.00%
Published-04 Dec, 2020 | 16:58
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap buffer overflow in the fxCheckArrowFunction function at moddable/xs/sources/xsSyntaxical.c:3562 in Moddable SDK before OS200903.

Action-Not Available
Vendor-moddablen/a
Product-moddablen/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2013-3941
Matching Score-4
Assigner-Flexera Software LLC
ShareView Details
Matching Score-4
Assigner-Flexera Software LLC
CVSS Score-9.8||CRITICAL
EPSS-2.76% / 84.46%
||
7 Day CHG~0.00%
Published-02 Jan, 2020 | 19:11
Updated-06 Aug, 2024 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in a QCD marker in a crafted JPEG2000 file, which leads to a heap-based buffer overflow.

Action-Not Available
Vendor-XnView (XnSoft)
Product-xnviewXnView
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-23303
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.31% / 67.22%
||
7 Day CHG~0.00%
Published-10 Jun, 2021 | 22:12
Updated-04 Aug, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a heap-buffer-overflow at jmem-poolman.c:165 in jmem_pools_collect_empty in JerryScript 2.2.0.

Action-Not Available
Vendor-jerryscriptn/a
Product-jerryscriptn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2013-2739
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.70% / 90.69%
||
7 Day CHG~0.00%
Published-01 Nov, 2019 | 12:09
Updated-06 Aug, 2024 | 15:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MiniDLNA has heap-based buffer overflow

Action-Not Available
Vendor-readymedia_projectn/aDebian GNU/Linux
Product-readymediadebian_linuxn/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-16224
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.76% / 75.34%
||
7 Day CHG~0.00%
Published-11 Sep, 2019 | 14:47
Updated-05 Aug, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in py-lmdb 0.97. For certain values of md_flags, mdb_node_add does not properly set up a memcpy destination, leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.

Action-Not Available
Vendor-py-lmdb_projectn/a
Product-py-lmdbn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-16265
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.64% / 73.43%
||
7 Day CHG~0.00%
Published-25 Oct, 2019 | 16:34
Updated-05 Aug, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2.3 ENI server up to V3.2.2.24 has a Buffer Overflow.

Action-Not Available
Vendor-n/aCODESYS GmbH
Product-eni_servercodesysn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-20276
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.29% / 86.98%
||
7 Day CHG~0.00%
Published-18 Dec, 2020 | 18:09
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unauthenticated stack-based buffer overflow vulnerability in common.c's handle_PORT in uftpd FTP server versions 2.10 and earlier can be abused to cause a crash and could potentially lead to remote code execution.

Action-Not Available
Vendor-troglobitn/a
Product-uftpdn/a
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 19
  • 20
  • Next
Details not found