Total
629 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-10064 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2020-11-16 | 6.8 MEDIUM | 7.8 HIGH |
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. | |||||
CVE-2016-10070 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2020-11-16 | 4.3 MEDIUM | 5.5 MEDIUM |
Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file. | |||||
CVE-2016-10071 | 1 Imagemagick | 1 Imagemagick | 2020-11-16 | 4.3 MEDIUM | 5.5 MEDIUM |
coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file. | |||||
CVE-2016-7526 | 1 Imagemagick | 1 Imagemagick | 2020-11-16 | 4.3 MEDIUM | 6.5 MEDIUM |
coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file. | |||||
CVE-2016-7527 | 1 Imagemagick | 1 Imagemagick | 2020-11-16 | 4.3 MEDIUM | 6.5 MEDIUM |
coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | |||||
CVE-2016-7528 | 1 Imagemagick | 1 Imagemagick | 2020-11-16 | 4.3 MEDIUM | 6.5 MEDIUM |
The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file. | |||||
CVE-2016-7537 | 1 Imagemagick | 1 Imagemagick | 2020-11-16 | 4.3 MEDIUM | 6.5 MEDIUM |
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file. | |||||
CVE-2016-7536 | 1 Imagemagick | 1 Imagemagick | 2020-11-16 | 4.3 MEDIUM | 6.5 MEDIUM |
magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted profile. | |||||
CVE-2017-17499 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2020-10-28 | 7.5 HIGH | 9.8 CRITICAL |
ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp. | |||||
CVE-2017-5509 | 1 Imagemagick | 1 Imagemagick | 2020-10-28 | 6.8 MEDIUM | 7.8 HIGH |
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. | |||||
CVE-2017-5510 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2020-10-28 | 6.8 MEDIUM | 7.8 HIGH |
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. | |||||
CVE-2017-14174 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2020-10-23 | 7.1 HIGH | 6.5 MEDIUM |
In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop. | |||||
CVE-2017-16546 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2020-10-22 | 6.8 MEDIUM | 8.8 HIGH |
The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file. | |||||
CVE-2017-9144 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2020-10-15 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. | |||||
CVE-2017-9142 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2020-10-15 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c. | |||||
CVE-2017-9143 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2020-10-15 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file. | |||||
CVE-2017-9141 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2020-10-15 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c. | |||||
CVE-2017-5506 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2020-10-15 | 6.8 MEDIUM | 7.8 HIGH |
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file. | |||||
CVE-2017-5507 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2020-10-15 | 7.8 HIGH | 7.5 HIGH |
Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache. | |||||
CVE-2017-14341 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2020-10-15 | 7.1 HIGH | 6.5 MEDIUM |
ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file. |