Imlib2

imlib2

Vendor: Enlightenment • 22 CVEs

CVEs (22)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-25450 1Enlightenment 1Imlib2 Jun 16, 2025 Feb 9, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 imlib2 v1.9.1 was discovered to mishandle memory allocation in the function init_imlib_fonts().
CVE-2024-25448 1Enlightenment 1Imlib2 Nov 21, 2024 Feb 9, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 An issue in the imlib_free_image_and_decache function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image.
CVE-2024-25447 1Enlightenment 1Imlib2 May 15, 2025 Feb 9, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 An issue in the imlib_load_image_with_error_return function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image.
CVE-2020-12761 1Enlightenment 1Imlib2 Nov 21, 2024 May 9, 2020 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map.
CVE-2016-4024 3Debian EnlightenmentOpensuse 3Debian Linux Imlib2Opensuse May 6, 2026 May 13, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which triggers an out-of-bounds heap memory write operation.
CVE-2016-3994 2Debian Enlightenment 2Debian Linux Imlib2 May 6, 2026 May 13, 2016 N/A· v4 8.2 HIGH· v3 6.4 MEDIUM· v2 The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted image, which triggers an out-of-bounds read.
CVE-2016-3993 2Debian Enlightenment 2Debian Linux Imlib2 May 6, 2026 May 13, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Off-by-one error in the __imlib_MergeUpdate function in lib/updates.c in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted coordinates.
CVE-2014-9771 2Debian Enlightenment 2Debian Linux Imlib2 May 6, 2026 May 13, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Integer overflow in imlib2 before 1.4.7 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted image, which triggers an invalid read operation.
CVE-2014-9764 2Debian Enlightenment 2Debian Linux Imlib2 May 6, 2026 May 13, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a crafted GIF file.
CVE-2014-9763 2Debian Enlightenment 2Debian Linux Imlib2 May 6, 2026 May 13, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 imlib2 before 1.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted PNM file.
CVE-2014-9762 2Debian Enlightenment 2Debian Linux Imlib2 May 6, 2026 May 13, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap.
CVE-2011-5326 2Debian Enlightenment 2Debian Linux Imlib2 May 6, 2026 May 13, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) by drawing a 2x1 ellipse.
CVE-2010-0991 1Enlightenment 1Imlib2 Apr 29, 2026 Apr 22, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple heap-based buffer overflows in imlib2 1.4.3 allow context-dependent attackers to execute arbitrary code via a crafted (1) ARGB, (2) XPM, or (3) BMP file, related to the IMAGE_DIMENSIONS_OK macro in lib/image.h.
CVE-2008-6079 1Enlightenment 1Imlib2 Apr 23, 2026 Feb 6, 2009 N/A· v4 N/A· v3 10.0 HIGH· v2 imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to "several heap and stack based buffer...Show more imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to "several heap and stack based buffer overflows - partly due to integer overflows."Show less
CVE-2008-5187 1Enlightenment 1Imlib2 Apr 23, 2026 Nov 21, 2008 N/A· v4 N/A· v3 7.5 HIGH· v2 The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a "pointer...Show more The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a "pointer arithmetic error" and a heap-based buffer overflow, a different vulnerability than CVE-2008-2426.Show less
CVE-2006-4809 1Enlightenment 1Imlib2 Apr 23, 2026 Nov 7, 2006 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Stack-based buffer overflow in loader_pnm.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafte...Show more Stack-based buffer overflow in loader_pnm.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM image.Show less
CVE-2006-4808 1Enlightenment 1Imlib2 Apr 23, 2026 Nov 7, 2006 N/A· v4 N/A· v3 2.6 LOW· v2 Heap-based buffer overflow in loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted...Show more Heap-based buffer overflow in loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TGA image.Show less
CVE-2006-4807 1Enlightenment 1Imlib2 Apr 23, 2026 Nov 7, 2006 N/A· v4 N/A· v3 2.6 LOW· v2 loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) via a crafted TGA image that triggers an out-of-bounds memory read, a different...Show more loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) via a crafted TGA image that triggers an out-of-bounds memory read, a different issue than CVE-2006-4808.Show less
CVE-2006-4806 1Enlightenment 1Imlib2 Apr 23, 2026 Nov 7, 2006 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Multiple integer overflows in imlib2 allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) ARGB (loader_argb.c), (2) PNG (loader_png.c), (3) LBM (...Show more Multiple integer overflows in imlib2 allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) ARGB (loader_argb.c), (2) PNG (loader_png.c), (3) LBM (loader_lbm.c), (4) JPEG (loader_jpeg.c), or (5) TIFF (loader_tiff.c) images.Show less
CVE-2004-0817 9Conectiva EnlightenmentImagemagick+6 more 16Enterprise Linux Enterprise Linux DesktopFedora Core+13 more Apr 16, 2026 Dec 31, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.

12 Next