Imagemagick
by ImageMagick
Source repositories
CVEs (781)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-15218 | Med | 0.42 | 6.5 | 0.02 | Oct 10, 2017 | ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c. | ||
| CVE-2017-15217 | Med | 0.42 | 6.5 | 0.02 | Oct 10, 2017 | ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c. | ||
| CVE-2017-14989 | Med | 0.42 | 6.5 | 0.01 | Oct 3, 2017 | A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a crafted font file, because the FT_Done_Glyph function (from FreeType 2) is called at an incorrect place in the ImageMagick code. | ||
| CVE-2017-14741 | Med | 0.42 | 6.5 | 0.01 | Sep 26, 2017 | The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service (infinite loop) via a crafted font file. | ||
| CVE-2017-14684 | Med | 0.42 | 6.5 | 0.01 | Sep 22, 2017 | In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows attackers to cause a denial of service (memory consumption in ResizeMagickMemory in MagickCore/memory.c) via a crafted file. | ||
| CVE-2017-14533 | Med | 0.42 | 6.5 | 0.02 | Sep 18, 2017 | ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c. | ||
| CVE-2017-14531 | Med | 0.42 | 6.5 | 0.02 | Sep 18, 2017 | ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c. | ||
| CVE-2017-14528 | Med | 0.42 | 6.5 | 0.03 | Sep 18, 2017 | The TIFFSetProfiles function in coders/tiff.c in ImageMagick 7.0.6 has incorrect expectations about whether LibTIFF TIFFGetField return values imply that data validation has occurred, which allows remote attackers to cause a denial of service (use-after-free after an invalid… | ||
| CVE-2017-14505 | Med | 0.42 | 6.5 | 0.01 | Sep 17, 2017 | DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted… | ||
| CVE-2017-14400 | Med | 0.42 | 6.5 | 0.02 | Sep 12, 2017 | In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote attackers to cause a denial of service (NULL pointer dereference in the function GetVirtualPixels in MagickCore/cache.c) via a crafted file. | ||
| CVE-2017-14343 | Med | 0.42 | 6.5 | 0.01 | Sep 12, 2017 | ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file. | ||
| CVE-2017-14342 | Med | 0.42 | 6.5 | 0.01 | Sep 12, 2017 | ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file. | ||
| CVE-2017-14341 | Med | 0.42 | 6.5 | 0.02 | Sep 12, 2017 | ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file. | ||
| CVE-2017-14326 | Med | 0.42 | 6.5 | 0.01 | Sep 12, 2017 | In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-14325 | Med | 0.42 | 6.5 | 0.02 | Sep 12, 2017 | In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file. | ||
| CVE-2017-14324 | Med | 0.42 | 6.5 | 0.01 | Sep 12, 2017 | In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-14249 | Med | 0.42 | 6.5 | 0.02 | Sep 11, 2017 | ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in MagickCore/cache.c, allowing remote attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-14248 | Med | 0.42 | 6.5 | 0.01 | Sep 11, 2017 | A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-14175 | Med | 0.42 | 6.5 | 0.02 | Sep 7, 2017 | In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is… | ||
| CVE-2017-14174 | Med | 0.42 | 6.5 | 0.02 | Sep 7, 2017 | In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is… |
- risk 0.42cvss 6.5epss 0.02
ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.
- risk 0.42cvss 6.5epss 0.02
ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c.
- risk 0.42cvss 6.5epss 0.01
A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a crafted font file, because the FT_Done_Glyph function (from FreeType 2) is called at an incorrect place in the ImageMagick code.
- risk 0.42cvss 6.5epss 0.01
The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service (infinite loop) via a crafted font file.
- risk 0.42cvss 6.5epss 0.01
In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows attackers to cause a denial of service (memory consumption in ResizeMagickMemory in MagickCore/memory.c) via a crafted file.
- risk 0.42cvss 6.5epss 0.02
ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c.
- risk 0.42cvss 6.5epss 0.02
ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c.
- risk 0.42cvss 6.5epss 0.03
The TIFFSetProfiles function in coders/tiff.c in ImageMagick 7.0.6 has incorrect expectations about whether LibTIFF TIFFGetField return values imply that data validation has occurred, which allows remote attackers to cause a denial of service (use-after-free after an invalid…
- risk 0.42cvss 6.5epss 0.01
DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted…
- risk 0.42cvss 6.5epss 0.02
In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote attackers to cause a denial of service (NULL pointer dereference in the function GetVirtualPixels in MagickCore/cache.c) via a crafted file.
- risk 0.42cvss 6.5epss 0.01
ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file.
- risk 0.42cvss 6.5epss 0.01
ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file.
- risk 0.42cvss 6.5epss 0.02
ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file.
- risk 0.42cvss 6.5epss 0.01
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.
- risk 0.42cvss 6.5epss 0.02
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file.
- risk 0.42cvss 6.5epss 0.01
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service via a crafted file.
- risk 0.42cvss 6.5epss 0.02
ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in MagickCore/cache.c, allowing remote attackers to cause a denial of service via a crafted file.
- risk 0.42cvss 6.5epss 0.01
A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file.
- risk 0.42cvss 6.5epss 0.02
In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is…
- risk 0.42cvss 6.5epss 0.02
In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is…
Page 12 of 40