Imagemagick
by ImageMagick
Source repositories
CVEs (781)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-9806 | Med | 0.36 | 5.5 | 0.01 | Mar 30, 2017 | ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file. | ||
| CVE-2014-9805 | Med | 0.36 | 5.5 | 0.01 | Mar 30, 2017 | ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file. | ||
| CVE-2017-7275 | Med | 0.36 | 5.5 | 0.01 | Mar 27, 2017 | The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and… | ||
| CVE-2017-5508 | Med | 0.36 | 5.5 | 0.03 | Mar 24, 2017 | Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file. | ||
| CVE-2016-9556 | Med | 0.36 | 5.5 | 0.02 | Mar 23, 2017 | The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. | ||
| CVE-2014-9915 | Med | 0.36 | 5.5 | 0.01 | Mar 23, 2017 | Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM profile. | ||
| CVE-2014-9840 | Med | 0.36 | 5.5 | 0.01 | Mar 22, 2017 | ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file. | ||
| CVE-2014-9838 | Med | 0.36 | 5.5 | 0.01 | Mar 22, 2017 | magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash). | ||
| CVE-2014-9836 | Med | 0.36 | 5.5 | 0.01 | Mar 22, 2017 | ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file. | ||
| CVE-2014-9845 | Med | 0.36 | 5.5 | 0.02 | Mar 20, 2017 | The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file. | ||
| CVE-2014-9844 | Med | 0.36 | 5.5 | 0.02 | Mar 20, 2017 | The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. | ||
| CVE-2014-9853 | Med | 0.36 | 5.5 | 0.02 | Mar 17, 2017 | Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file. | ||
| CVE-2017-6502 | Med | 0.36 | 5.5 | 0.01 | Mar 6, 2017 | An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS). | ||
| CVE-2017-6501 | Med | 0.36 | 5.5 | 0.01 | Mar 6, 2017 | An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference. | ||
| CVE-2017-6500 | Med | 0.36 | 5.5 | 0.01 | Mar 6, 2017 | An issue was discovered in ImageMagick 6.9.7. A specially crafted sun file triggers a heap-based buffer over-read. | ||
| CVE-2017-6499 | Med | 0.36 | 5.5 | 0.01 | Mar 6, 2017 | An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially crafted file creating a nested exception could lead to a memory leak (thus, a DoS). | ||
| CVE-2017-6498 | Med | 0.36 | 5.5 | 0.01 | Mar 6, 2017 | An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS. | ||
| CVE-2016-10062 | Med | 0.36 | 5.5 | 0.02 | Mar 2, 2017 | The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file. | ||
| CVE-2016-5240 | Med | 0.36 | 5.5 | 0.02 | Feb 27, 2017 | The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file. | ||
| CVE-2016-9773 | Med | 0.36 | 5.5 | 0.02 | Feb 17, 2017 | Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. NOTE: this vulnerability exists because of an incomplete fix for… |
- risk 0.36cvss 5.5epss 0.01
ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file.
- risk 0.36cvss 5.5epss 0.01
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file.
- risk 0.36cvss 5.5epss 0.01
The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and…
- risk 0.36cvss 5.5epss 0.03
Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.
- risk 0.36cvss 5.5epss 0.02
The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file.
- risk 0.36cvss 5.5epss 0.01
Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM profile.
- risk 0.36cvss 5.5epss 0.01
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file.
- risk 0.36cvss 5.5epss 0.01
magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash).
- risk 0.36cvss 5.5epss 0.01
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file.
- risk 0.36cvss 5.5epss 0.02
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.
- risk 0.36cvss 5.5epss 0.02
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
- risk 0.36cvss 5.5epss 0.02
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS).
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference.
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in ImageMagick 6.9.7. A specially crafted sun file triggers a heap-based buffer over-read.
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially crafted file creating a nested exception could lead to a memory leak (thus, a DoS).
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS.
- risk 0.36cvss 5.5epss 0.02
The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
- risk 0.36cvss 5.5epss 0.02
The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file.
- risk 0.36cvss 5.5epss 0.02
Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. NOTE: this vulnerability exists because of an incomplete fix for…
Page 22 of 40