Filtered by vendor Imagemagick
Subscribe
Total
630 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-18254 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file. | |||||
CVE-2018-14434 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c. | |||||
CVE-2018-13153 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c. | |||||
CVE-2018-11656 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file. | |||||
CVE-2018-11655 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file. | |||||
CVE-2018-11625 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 6.8 MEDIUM | 8.8 HIGH |
In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file. | |||||
CVE-2018-11251 | 1 Imagemagick | 1 Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service (application crash in SetGrayscaleImage in MagickCore/quantize.c) via a crafted SUN image file. | |||||
CVE-2017-9409 | 1 Imagemagick | 1 Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |||||
CVE-2017-9439 | 1 Imagemagick | 1 Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file. | |||||
CVE-2017-9499 | 1 Imagemagick | 1 Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to cause a denial of service via a crafted file. | |||||
CVE-2017-9261 | 1 Imagemagick | 1 Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |||||
CVE-2017-9262 | 1 Imagemagick | 1 Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |||||
CVE-2017-9405 | 1 Imagemagick | 1 Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file. | |||||
CVE-2017-9407 | 1 Imagemagick | 1 Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |||||
CVE-2019-13136 | 1 Imagemagick | 1 Imagemagick | 2019-08-21 | 6.8 MEDIUM | 7.8 HIGH |
ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c. | |||||
CVE-2018-15607 | 1 Imagemagick | 1 Imagemagick | 2019-06-25 | 7.1 HIGH | 6.5 MEDIUM |
In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. | |||||
CVE-2018-18023 | 1 Imagemagick | 1 Imagemagick | 2019-06-25 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file. | |||||
CVE-2019-10650 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2019-05-14 | 5.8 MEDIUM | 8.1 HIGH |
In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file. | |||||
CVE-2017-13142 | 1 Imagemagick | 1 Imagemagick | 2019-05-14 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files. | |||||
CVE-2017-14137 | 1 Imagemagick | 1 Imagemagick | 2019-05-06 | 5.0 MEDIUM | 7.5 HIGH |
ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header. |