VYPR

Imagemagick

by ImageMagick

Source repositories

CVEs (775)

  • CVE-2018-12599HigJun 20, 2018
    risk 0.57cvss 8.8epss 0.03

    In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.

  • CVE-2018-11625HigMay 31, 2018
    risk 0.57cvss 8.8epss 0.02

    In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.

  • CVE-2018-11624HigMay 31, 2018
    risk 0.57cvss 8.8epss 0.02

    In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c allows attackers to cause a use after free via a crafted file.

  • CVE-2018-9135HigMar 30, 2018
    risk 0.57cvss 8.8epss 0.02

    In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c.

  • CVE-2017-18209HigMar 1, 2018
    risk 0.57cvss 8.8epss 0.03

    In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.

  • CVE-2018-5248HigJan 5, 2018
    risk 0.57cvss 8.8epss 0.04

    In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function.

  • CVE-2017-17880HigDec 27, 2017
    risk 0.57cvss 8.8epss 0.01

    In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBP_DECODER_ABI_VERSION check.

  • CVE-2017-17879HigDec 27, 2017
    risk 0.57cvss 8.8epss 0.03

    In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error.

  • CVE-2017-16546HigNov 5, 2017
    risk 0.57cvss 8.8epss 0.02

    The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other…

  • CVE-2017-15281HigOct 12, 2017
    risk 0.57cvss 8.8epss 0.03

    ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised value(s)."

  • CVE-2017-15017HigOct 5, 2017
    risk 0.57cvss 8.8epss 0.02

    ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c.

  • CVE-2017-15016HigOct 5, 2017
    risk 0.57cvss 8.8epss 0.02

    ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c.

  • CVE-2017-15015HigOct 5, 2017
    risk 0.57cvss 8.8epss 0.01

    ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c.

  • CVE-2017-14682HigSep 21, 2017
    risk 0.57cvss 8.8epss 0.02

    GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928.

  • CVE-2017-13146HigAug 23, 2017
    risk 0.57cvss 8.8epss 0.01

    In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.

  • CVE-2017-12983HigAug 21, 2017
    risk 0.57cvss 8.8epss 0.02

    Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.

  • CVE-2017-12669HigAug 7, 2017
    risk 0.57cvss 8.8epss 0.01

    ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteCALSImage in coders/cals.c.

  • CVE-2017-12668HigAug 7, 2017
    risk 0.57cvss 8.8epss 0.01

    ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.

  • CVE-2017-12667HigAug 7, 2017
    risk 0.57cvss 8.8epss 0.01

    ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in coders\mat.c.

  • CVE-2017-12666HigAug 7, 2017
    risk 0.57cvss 8.8epss 0.02

    ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteINLINEImage in coders/inline.c.

Page 3 of 39