CVE-2025-48796 – GIMP ANI File Stack-Based Overflow RCE Vulnerability

May 27, 2025

CVE ID : CVE-2025-48796

Published : May 27, 2025, 2:15 p.m. | 2 hours, 43 minutes ago

Description : A flaw was found in GIMP. The GIMP ani_load_image() function is vulnerable to a stack-based overflow. If a user opens.ANI files, GIMP may be used to store more information than the capacity allows. This flaw allows a malicious ANI file to trigger arbitrary code execution.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48798 – GIMP XCF Image File Use-After-Free Vulnerability

Next Article CVE-2025-5272 – Firefox Memory Corruption Vulnerability

Highlights

CVE-2024-11917 – Xing and Google Vulnerability: Authentication Bypass in JobSearch WP Job Board Plugin

April 25, 2025

CVE ID : CVE-2024-11917

Published : April 25, 2025, 12:15 p.m. | 3 hours, 28 minutes ago

Description : The JobSearch WP Job Board plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.8.8. This is due to improper configurations in the ‘jobsearch_xing_response_data_callback’, ‘set_access_tokes’, and ‘google_callback’ functions. This makes it possible for unauthenticated attackers to log in as the first connected Xing user, or any connected Xing user if the Xing id is known. It is also possible for unauthenticated attackers to log in as the first connected Google user if the user has logged in, without subsequently logging out, in thirty days. The vulnerability was partially patched in version 2.8.4.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Rilasciato Shotcut 25.05: Nuovi Potenti Strumenti per il Montaggio Video su GNU/Linux

May 12, 2025

CVE-2025-6939 – TOTOLINK A3002RU HTTP POST Request Handler Buffer Overflow

June 30, 2025

Meta AI Proposes Multi-Token Attention (MTA): A New Attention Method which Allows LLMs to Condition their Attention Weights on Multiple Query and Key Vectors

April 2, 2025

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-48796 – GIMP ANI File Stack-Based Overflow RCE Vulnerability

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

Meta Wins Lawsuit Against Spyware Vendor NSO Group

CVE-2025-5270 – “Firefox SSL/TLS Man-in-the-Middle Vulnerability”

CVE-2025-36630 – Nessus Windows Local Privilege Escalation Vulnerability

Don’t Tap The Glass Tyler The Creator Shirt

CVE-2024-11917 – Xing and Google Vulnerability: Authentication Bypass in JobSearch WP Job Board Plugin

Rilasciato Shotcut 25.05: Nuovi Potenti Strumenti per il Montaggio Video su GNU/Linux

CVE-2025-6939 – TOTOLINK A3002RU HTTP POST Request Handler Buffer Overflow

Meta AI Proposes Multi-Token Attention (MTA): A New Attention Method which Allows LLMs to Condition their Attention Weights on Multiple Query and Key Vectors

CVE-2025-48796 – GIMP ANI File Stack-Based Overflow RCE Vulnerability

Related Posts