|
1031
|
5.0 |
MEDIUM
Local
|
-
|
-
|
A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service (DoS). By opening a specially crafted TIM…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-40916
|
2026-04-18 00:08 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1032
|
5.0 |
MEDIUM
Local
|
-
|
-
|
A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the `icns_slurp()` function, occurs when processing specially crafted ICNS image files. An attacker could provide a malicious …
|
CWE-125
Out-of-bounds Read
|
CVE-2026-40917
|
2026-04-18 00:08 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1033
|
5.5 |
MEDIUM
Local
|
-
|
-
|
A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service (DoS). This occurs due to a stack-based buffer overflow and an out-of-bou…
|
CWE-131
Incorrect Calculation of Buffer Size
|
CVE-2026-40918
|
2026-04-18 00:08 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1034
|
6.1 |
MEDIUM
Local
|
-
|
-
|
A flaw was found in GIMP. This vulnerability, a buffer overflow in the `file-seattle-filmworks` plugin, can be exploited when a user opens a specially crafted Seattle Filmworks file. A remote attacke…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-40919
|
2026-04-18 00:08 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1035
|
8.8 |
HIGH
Network
|
-
|
-
|
Use after free in Permissions in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a craf…
|
CWE-416
Use After Free
|
CVE-2026-6315
|
2026-04-18 00:08 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1036
|
8.8 |
HIGH
Network
|
-
|
-
|
Use after free in Forms in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-6316
|
2026-04-18 00:08 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1037
|
8.8 |
HIGH
Network
|
-
|
-
|
Use after free in Cast in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-6317
|
2026-04-18 00:08 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1038
|
8.8 |
HIGH
Network
|
-
|
-
|
Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
|
CWE-416
Use After Free
|
CVE-2026-6318
|
2026-04-18 00:08 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1039
|
7.5 |
HIGH
Network
|
-
|
-
|
Use after free in Payments in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted…
|
CWE-416
Use After Free
|
CVE-2026-6319
|
2026-04-18 00:08 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1040
|
8.8 |
HIGH
Network
|
-
|
-
|
Use after free in XR in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Critic…
|
CWE-416
Use After Free
|
CVE-2026-6358
|
2026-04-18 00:08 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
