VYPR

Imagemagick

by ImageMagick

Source repositories

CVEs (781)

  • CVE-2018-14435MedJul 20, 2018
    risk 0.42cvss 6.5epss 0.02

    ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c.

  • CVE-2018-14434MedJul 20, 2018
    risk 0.42cvss 6.5epss 0.03

    ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c.

  • CVE-2018-11656MedJun 1, 2018
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file.

  • CVE-2018-11655MedJun 1, 2018
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file.

  • CVE-2018-11251MedMay 18, 2018
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service (application crash in SetGrayscaleImage in MagickCore/quantize.c) via a crafted SUN image file.

  • CVE-2017-18273MedMay 18, 2018
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call.

  • CVE-2017-18272MedMay 18, 2018
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a use-after-free in ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted MNG image file that is mishandled in an MngInfoDiscardObject call.

  • CVE-2017-18271MedMay 18, 2018
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file.

  • CVE-2018-10805MedMay 8, 2018
    risk 0.42cvss 6.5epss 0.02

    ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.

  • CVE-2018-10804MedMay 8, 2018
    risk 0.42cvss 6.5epss 0.02

    ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c.

  • CVE-2017-18254MedMar 27, 2018
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file.

  • CVE-2017-18253MedMar 27, 2018
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LoadOpenCLDevices in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-18252MedMar 27, 2018
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (assertion failure and application exit in ReplaceImageInList) via a crafted file.

  • CVE-2017-18251MedMar 27, 2018
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file.

  • CVE-2017-18250MedMar 27, 2018
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LogOpenCLBuildFailure in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2018-7470MedFeb 25, 2018
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial of service (segmentation violation) via a crafted file.

  • CVE-2018-6930MedFeb 13, 2018
    risk 0.42cvss 6.5epss 0.02

    A stack-based buffer over-read in the ComputeResizeImage function in the MagickCore/accelerate.c file of ImageMagick 7.0.7-22 allows a remote attacker to cause a denial of service (application crash) via a maliciously crafted pict file.

  • CVE-2018-6876MedFeb 9, 2018
    risk 0.42cvss 6.5epss 0.03

    The OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote attackers to cause a denial of service (stack-based buffer under-read) via a crafted bmp image.

  • CVE-2018-6405MedJan 30, 2018
    risk 0.42cvss 6.5epss 0.02

    In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service.

  • CVE-2017-18028MedJan 12, 2018
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.

Page 10 of 40