Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Enlightenment Subscribe
Filtered by product Imlib2
Total 19 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-12761 1 Enlightenment 1 Imlib2 2021-07-21 6.4 MEDIUM 9.1 CRITICAL
modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map.
CVE-2016-4024 3 Debian, Enlightenment, Opensuse 3 Debian Linux, Imlib2, Opensuse 2018-10-30 7.5 HIGH 9.8 CRITICAL
Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which triggers an out-of-bounds heap memory write operation.
CVE-2010-0991 1 Enlightenment 1 Imlib2 2018-10-10 6.8 MEDIUM N/A
Multiple heap-based buffer overflows in imlib2 1.4.3 allow context-dependent attackers to execute arbitrary code via a crafted (1) ARGB, (2) XPM, or (3) BMP file, related to the IMAGE_DIMENSIONS_OK macro in lib/image.h.
CVE-2004-0827 9 Conectiva, Enlightenment, Imagemagick and 6 more 14 Linux, Imlib, Imlib2 and 11 more 2017-10-10 7.5 HIGH N/A
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
CVE-2004-0817 9 Conectiva, Enlightenment, Imagemagick and 6 more 16 Linux, Imlib, Imlib2 and 13 more 2017-10-10 7.5 HIGH N/A
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
CVE-2008-6079 1 Enlightenment 1 Imlib2 2017-08-07 10.0 HIGH N/A
imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to "several heap and stack based buffer overflows - partly due to integer overflows."
CVE-2006-4806 1 Enlightenment 1 Imlib2 2017-07-19 5.1 MEDIUM N/A
Multiple integer overflows in imlib2 allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) ARGB (loader_argb.c), (2) PNG (loader_png.c), (3) LBM (loader_lbm.c), (4) JPEG (loader_jpeg.c), or (5) TIFF (loader_tiff.c) images.
CVE-2006-4809 1 Enlightenment 1 Imlib2 2017-07-19 5.1 MEDIUM N/A
Stack-based buffer overflow in loader_pnm.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM image.
CVE-2006-4807 1 Enlightenment 1 Imlib2 2017-07-19 2.6 LOW N/A
loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) via a crafted TGA image that triggers an out-of-bounds memory read, a different issue than CVE-2006-4808.
CVE-2006-4808 1 Enlightenment 1 Imlib2 2017-07-19 2.6 LOW N/A
Heap-based buffer overflow in loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TGA image.
CVE-2004-0802 9 Conectiva, Enlightenment, Imagemagick and 6 more 16 Linux, Imlib, Imlib2 and 13 more 2017-07-10 5.1 MEDIUM N/A
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
CVE-2014-9763 2 Debian, Enlightenment 2 Debian Linux, Imlib2 2017-06-30 5.0 MEDIUM 7.5 HIGH
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted PNM file.
CVE-2014-9764 2 Debian, Enlightenment 2 Debian Linux, Imlib2 2017-06-30 5.0 MEDIUM 7.5 HIGH
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a crafted GIF file.
CVE-2014-9762 2 Debian, Enlightenment 2 Debian Linux, Imlib2 2017-06-30 5.0 MEDIUM 7.5 HIGH
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap.
CVE-2016-3993 2 Debian, Enlightenment 2 Debian Linux, Imlib2 2016-11-30 5.0 MEDIUM 7.5 HIGH
Off-by-one error in the __imlib_MergeUpdate function in lib/updates.c in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted coordinates.
CVE-2016-3994 2 Debian, Enlightenment 2 Debian Linux, Imlib2 2016-11-30 6.4 MEDIUM 8.2 HIGH
The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted image, which triggers an out-of-bounds read.
CVE-2011-5326 2 Debian, Enlightenment 2 Debian Linux, Imlib2 2016-11-30 5.0 MEDIUM 7.5 HIGH
imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) by drawing a 2x1 ellipse.
CVE-2014-9771 2 Debian, Enlightenment 2 Debian Linux, Imlib2 2016-11-30 5.0 MEDIUM 7.5 HIGH
Integer overflow in imlib2 before 1.4.7 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted image, which triggers an invalid read operation.
CVE-2008-5187 1 Enlightenment 1 Imlib2 2011-03-07 7.5 HIGH N/A
The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a "pointer arithmetic error" and a heap-based buffer overflow, a different vulnerability than CVE-2008-2426.