Imagemagick
by ImageMagick
Source repositories
CVEs (781)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-14435 | Med | 0.42 | 6.5 | 0.02 | Jul 20, 2018 | ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c. | ||
| CVE-2018-14434 | Med | 0.42 | 6.5 | 0.03 | Jul 20, 2018 | ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c. | ||
| CVE-2018-11656 | Med | 0.42 | 6.5 | 0.02 | Jun 1, 2018 | In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file. | ||
| CVE-2018-11655 | Med | 0.42 | 6.5 | 0.02 | Jun 1, 2018 | In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file. | ||
| CVE-2018-11251 | Med | 0.42 | 6.5 | 0.02 | May 18, 2018 | In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service (application crash in SetGrayscaleImage in MagickCore/quantize.c) via a crafted SUN image file. | ||
| CVE-2017-18273 | Med | 0.42 | 6.5 | 0.02 | May 18, 2018 | In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call. | ||
| CVE-2017-18272 | Med | 0.42 | 6.5 | 0.01 | May 18, 2018 | In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a use-after-free in ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted MNG image file that is mishandled in an MngInfoDiscardObject call. | ||
| CVE-2017-18271 | Med | 0.42 | 6.5 | 0.02 | May 18, 2018 | In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file. | ||
| CVE-2018-10805 | Med | 0.42 | 6.5 | 0.02 | May 8, 2018 | ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c. | ||
| CVE-2018-10804 | Med | 0.42 | 6.5 | 0.02 | May 8, 2018 | ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c. | ||
| CVE-2017-18254 | Med | 0.42 | 6.5 | 0.02 | Mar 27, 2018 | An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-18253 | Med | 0.42 | 6.5 | 0.01 | Mar 27, 2018 | An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LoadOpenCLDevices in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-18252 | Med | 0.42 | 6.5 | 0.02 | Mar 27, 2018 | An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (assertion failure and application exit in ReplaceImageInList) via a crafted file. | ||
| CVE-2017-18251 | Med | 0.42 | 6.5 | 0.02 | Mar 27, 2018 | An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-18250 | Med | 0.42 | 6.5 | 0.01 | Mar 27, 2018 | An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LogOpenCLBuildFailure in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2018-7470 | Med | 0.42 | 6.5 | 0.02 | Feb 25, 2018 | An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial of service (segmentation violation) via a crafted file. | ||
| CVE-2018-6930 | Med | 0.42 | 6.5 | 0.02 | Feb 13, 2018 | A stack-based buffer over-read in the ComputeResizeImage function in the MagickCore/accelerate.c file of ImageMagick 7.0.7-22 allows a remote attacker to cause a denial of service (application crash) via a maliciously crafted pict file. | ||
| CVE-2018-6876 | Med | 0.42 | 6.5 | 0.03 | Feb 9, 2018 | The OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote attackers to cause a denial of service (stack-based buffer under-read) via a crafted bmp image. | ||
| CVE-2018-6405 | Med | 0.42 | 6.5 | 0.02 | Jan 30, 2018 | In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service. | ||
| CVE-2017-18028 | Med | 0.42 | 6.5 | 0.02 | Jan 12, 2018 | In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file. |
- risk 0.42cvss 6.5epss 0.02
ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c.
- risk 0.42cvss 6.5epss 0.03
ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c.
- risk 0.42cvss 6.5epss 0.02
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file.
- risk 0.42cvss 6.5epss 0.02
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file.
- risk 0.42cvss 6.5epss 0.02
In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service (application crash in SetGrayscaleImage in MagickCore/quantize.c) via a crafted SUN image file.
- risk 0.42cvss 6.5epss 0.02
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call.
- risk 0.42cvss 6.5epss 0.01
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a use-after-free in ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted MNG image file that is mishandled in an MngInfoDiscardObject call.
- risk 0.42cvss 6.5epss 0.02
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file.
- risk 0.42cvss 6.5epss 0.02
ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
- risk 0.42cvss 6.5epss 0.02
ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file.
- risk 0.42cvss 6.5epss 0.01
An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LoadOpenCLDevices in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (assertion failure and application exit in ReplaceImageInList) via a crafted file.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file.
- risk 0.42cvss 6.5epss 0.01
An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LogOpenCLBuildFailure in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial of service (segmentation violation) via a crafted file.
- risk 0.42cvss 6.5epss 0.02
A stack-based buffer over-read in the ComputeResizeImage function in the MagickCore/accelerate.c file of ImageMagick 7.0.7-22 allows a remote attacker to cause a denial of service (application crash) via a maliciously crafted pict file.
- risk 0.42cvss 6.5epss 0.03
The OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote attackers to cause a denial of service (stack-based buffer under-read) via a crafted bmp image.
- risk 0.42cvss 6.5epss 0.02
In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service.
- risk 0.42cvss 6.5epss 0.02
In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.
Page 10 of 40