Filtered by vendor Enlightenment
Subscribe
Total
31 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0802 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 16 Linux, Imlib, Imlib2 and 13 more | 2024-11-20 | 5.1 MEDIUM | N/A |
| Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. | |||||
| CVE-2002-0168 | 1 Enlightenment | 1 Imlib | 2024-11-20 | 7.5 HIGH | N/A |
| Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption. | |||||
| CVE-2002-0167 | 1 Enlightenment | 1 Imlib | 2024-11-20 | 7.5 HIGH | N/A |
| Imlib before 1.9.13 sometimes uses the NetPBM package to load trusted images, which could allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain weaknesses of NetPBM. | |||||
| CVE-2002-0143 | 2 Enlightenment, Michael Jennings | 2 Imlib, Eterm | 2024-11-20 | 4.6 MEDIUM | N/A |
| Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable. | |||||
| CVE-2024-25448 | 1 Enlightenment | 1 Imlib2 | 2024-08-19 | N/A | 8.8 HIGH |
| An issue in the imlib_free_image_and_decache function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image. | |||||
| CVE-2024-25447 | 1 Enlightenment | 1 Imlib2 | 2024-02-15 | N/A | 8.8 HIGH |
| An issue in the imlib_load_image_with_error_return function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image. | |||||
| CVE-2024-25450 | 1 Enlightenment | 1 Imlib2 | 2024-02-15 | N/A | 8.8 HIGH |
| imlib2 v1.9.1 was discovered to mishandle memory allocation in the function init_imlib_fonts(). | |||||
| CVE-2020-12761 | 1 Enlightenment | 1 Imlib2 | 2024-02-04 | 6.4 MEDIUM | 9.1 CRITICAL |
| modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map. | |||||
| CVE-2018-20167 | 1 Enlightenment | 1 Terminology | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| Terminology before 1.3.1 allows Remote Code Execution because popmedia is mishandled, as demonstrated by an unsafe "cat README.md" command when \e}pn is used. A popmedia control sequence can allow the malicious execution of executable file formats registered in the X desktop share MIME types (/usr/share/applications). The control sequence defers unknown file types to the handle_unknown_media() function, which executes xdg-open against the filename specified in the sequence. The use of xdg-open for all unknown file types allows executable file formats with a registered shared MIME type to be executed. An attacker can achieve remote code execution by introducing an executable file and a plain text file containing the control sequence through a fake software project (e.g., in Git or a tarball). When the control sequence is rendered (such as with cat), the executable file will be run. | |||||
| CVE-2014-1846 | 1 Enlightenment | 1 Enlightenment | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Enlightenment before 0.17.6 might allow local users to gain privileges via vectors involving the gdb method. | |||||
| CVE-2014-1845 | 1 Enlightenment | 1 Enlightenment | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment. | |||||