Total
3980 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-18271 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2020-09-07 | 7.1 HIGH | 6.5 MEDIUM |
| In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file. | |||||
| CVE-2017-18273 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2020-09-07 | 7.1 HIGH | 6.5 MEDIUM |
| In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call. | |||||
| CVE-2017-18211 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2020-09-07 | 7.5 HIGH | 9.8 CRITICAL |
| In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel. | |||||
| CVE-2017-18209 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2020-09-07 | 6.8 MEDIUM | 8.8 HIGH |
| In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory. | |||||
| CVE-2017-17914 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2020-09-07 | 7.1 HIGH | 6.5 MEDIUM |
| In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file. | |||||
| CVE-2017-17682 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2020-09-07 | 7.1 HIGH | 6.5 MEDIUM |
| In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call. | |||||
| CVE-2017-15281 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2020-09-07 | 6.8 MEDIUM | 8.8 HIGH |
| ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised value(s)." | |||||
| CVE-2017-15017 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2020-09-07 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c. | |||||
| CVE-2017-15015 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2020-09-07 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c. | |||||
| CVE-2017-14626 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2020-09-07 | 7.5 HIGH | 9.8 CRITICAL |
| ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c. | |||||
| CVE-2017-14625 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2020-09-07 | 7.5 HIGH | 9.8 CRITICAL |
| ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c. | |||||
| CVE-2017-14624 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2020-09-07 | 7.5 HIGH | 9.8 CRITICAL |
| ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c. | |||||
| CVE-2017-14532 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2020-09-07 | 7.5 HIGH | 9.8 CRITICAL |
| ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c. | |||||
| CVE-2017-14060 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2020-09-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file) by submitting a malformed image file. | |||||
| CVE-2017-12693 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2020-09-07 | 7.1 HIGH | 6.5 MEDIUM |
| The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file. | |||||
| CVE-2017-12692 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2020-09-07 | 7.1 HIGH | 6.5 MEDIUM |
| The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file. | |||||
| CVE-2017-12691 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2020-09-07 | 7.1 HIGH | 6.5 MEDIUM |
| The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file. | |||||
| CVE-2017-1000476 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2020-09-07 | 7.1 HIGH | 6.5 MEDIUM |
| ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service. | |||||
| CVE-2020-15862 | 2 Canonical, Net-snmp | 2 Ubuntu Linux, Net-snmp | 2020-09-04 | 7.2 HIGH | 7.8 HIGH |
| Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root. | |||||
| CVE-2020-14415 | 2 Canonical, Qemu | 2 Ubuntu Linux, Qemu | 2020-09-02 | 2.1 LOW | 3.3 LOW |
| oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position. | |||||