Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Imagemagick Subscribe
Total 630 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-18254 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file.
CVE-2018-14434 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c.
CVE-2018-13153 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c.
CVE-2018-11656 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file.
CVE-2018-11655 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file.
CVE-2018-11625 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-02 6.8 MEDIUM 8.8 HIGH
In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.
CVE-2018-11251 1 Imagemagick 1 Imagemagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service (application crash in SetGrayscaleImage in MagickCore/quantize.c) via a crafted SUN image file.
CVE-2017-9409 1 Imagemagick 1 Imagemagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9439 1 Imagemagick 1 Imagemagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-9499 1 Imagemagick 1 Imagemagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-9261 1 Imagemagick 1 Imagemagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9262 1 Imagemagick 1 Imagemagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9405 1 Imagemagick 1 Imagemagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9407 1 Imagemagick 1 Imagemagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2019-13136 1 Imagemagick 1 Imagemagick 2019-08-21 6.8 MEDIUM 7.8 HIGH
ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c.
CVE-2018-15607 1 Imagemagick 1 Imagemagick 2019-06-25 7.1 HIGH 6.5 MEDIUM
In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.
CVE-2018-18023 1 Imagemagick 1 Imagemagick 2019-06-25 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file.
CVE-2019-10650 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2019-05-14 5.8 MEDIUM 8.1 HIGH
In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file.
CVE-2017-13142 1 Imagemagick 1 Imagemagick 2019-05-14 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files.
CVE-2017-14137 1 Imagemagick 1 Imagemagick 2019-05-06 5.0 MEDIUM 7.5 HIGH
ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header.