Vulnerabilities > Enlightenment > Imlib2 > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-09 | CVE-2024-25447 | Out-of-bounds Write vulnerability in Enlightenment Imlib2 1.9.1 An issue in the imlib_load_image_with_error_return function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image. | 8.8 |
| 2024-02-09 | CVE-2024-25448 | Out-of-bounds Write vulnerability in Enlightenment Imlib2 1.9.1 An issue in the imlib_free_image_and_decache function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image. | 8.8 |
| 2024-02-09 | CVE-2024-25450 | Unspecified vulnerability in Enlightenment Imlib2 1.9.1 imlib2 v1.9.1 was discovered to mishandle memory allocation in the function init_imlib_fonts(). | 8.8 |
| 2016-05-13 | CVE-2016-4024 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which triggers an out-of-bounds heap memory write operation. | 7.5 |
| 2008-11-21 | CVE-2008-5187 | Buffer Errors vulnerability in Enlightenment Imlib2 1.4.2 The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a "pointer arithmetic error" and a heap-based buffer overflow, a different vulnerability than CVE-2008-2426. | 7.5 |
| 2004-12-31 | CVE-2004-0817 | BMP Image Decoding Buffer Overflow vulnerability in IMLib/IMLib2 Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. network low complexity enlightenment imagemagick sun conectiva mandrakesoft redhat suse turbolinux ubuntu | 7.5 |
| 2004-09-16 | CVE-2004-0827 | Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. network low complexity enlightenment imagemagick sun conectiva mandrakesoft redhat suse turbolinux ubuntu | 7.5 |