VYPR

Imagemagick

by ImageMagick

Source repositories

CVEs (781)

  • CVE-2017-15218MedOct 10, 2017
    risk 0.42cvss 6.5epss 0.02

    ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.

  • CVE-2017-15217MedOct 10, 2017
    risk 0.42cvss 6.5epss 0.02

    ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c.

  • CVE-2017-14989MedOct 3, 2017
    risk 0.42cvss 6.5epss 0.01

    A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a crafted font file, because the FT_Done_Glyph function (from FreeType 2) is called at an incorrect place in the ImageMagick code.

  • CVE-2017-14741MedSep 26, 2017
    risk 0.42cvss 6.5epss 0.01

    The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service (infinite loop) via a crafted font file.

  • CVE-2017-14684MedSep 22, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows attackers to cause a denial of service (memory consumption in ResizeMagickMemory in MagickCore/memory.c) via a crafted file.

  • CVE-2017-14533MedSep 18, 2017
    risk 0.42cvss 6.5epss 0.02

    ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c.

  • CVE-2017-14531MedSep 18, 2017
    risk 0.42cvss 6.5epss 0.02

    ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c.

  • CVE-2017-14528MedSep 18, 2017
    risk 0.42cvss 6.5epss 0.03

    The TIFFSetProfiles function in coders/tiff.c in ImageMagick 7.0.6 has incorrect expectations about whether LibTIFF TIFFGetField return values imply that data validation has occurred, which allows remote attackers to cause a denial of service (use-after-free after an invalid…

  • CVE-2017-14505MedSep 17, 2017
    risk 0.42cvss 6.5epss 0.01

    DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted…

  • CVE-2017-14400MedSep 12, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote attackers to cause a denial of service (NULL pointer dereference in the function GetVirtualPixels in MagickCore/cache.c) via a crafted file.

  • CVE-2017-14343MedSep 12, 2017
    risk 0.42cvss 6.5epss 0.01

    ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file.

  • CVE-2017-14342MedSep 12, 2017
    risk 0.42cvss 6.5epss 0.01

    ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file.

  • CVE-2017-14341MedSep 12, 2017
    risk 0.42cvss 6.5epss 0.02

    ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file.

  • CVE-2017-14326MedSep 12, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-14325MedSep 12, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file.

  • CVE-2017-14324MedSep 12, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-14249MedSep 11, 2017
    risk 0.42cvss 6.5epss 0.02

    ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in MagickCore/cache.c, allowing remote attackers to cause a denial of service via a crafted file.

  • CVE-2017-14248MedSep 11, 2017
    risk 0.42cvss 6.5epss 0.01

    A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file.

  • CVE-2017-14175MedSep 7, 2017
    risk 0.42cvss 6.5epss 0.02

    In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is…

  • CVE-2017-14174MedSep 7, 2017
    risk 0.42cvss 6.5epss 0.02

    In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is…

Page 12 of 40