VYPR

Imagemagick

by ImageMagick

Source repositories

CVEs (781)

  • CVE-2017-11188HigJul 12, 2017
    risk 0.49cvss 7.5epss 0.02

    The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related to lack of an EOF check.

  • CVE-2017-9098HigMay 19, 2017
    risk 0.49cvss 7.5epss 0.04

    ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that…

  • CVE-2017-7619HigApr 10, 2017
    risk 0.49cvss 7.5epss 0.01

    In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv.

  • CVE-2014-9804HigMar 30, 2017
    risk 0.49cvss 7.5epss 0.03

    vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to "too many object."

  • CVE-2017-5507HigMar 24, 2017
    risk 0.49cvss 7.5epss 0.06

    Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.

  • CVE-2014-9839HigMar 22, 2017
    risk 0.49cvss 7.5epss 0.02

    magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access).

  • CVE-2014-9851HigMar 20, 2017
    risk 0.49cvss 7.5epss 0.04

    ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).

  • CVE-2014-9850HigMar 20, 2017
    risk 0.49cvss 7.5epss 0.04

    Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).

  • CVE-2014-9849HigMar 20, 2017
    risk 0.49cvss 7.5epss 0.04

    The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).

  • CVE-2014-9848HigMar 20, 2017
    risk 0.49cvss 7.5epss 0.04

    Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).

  • CVE-2014-9842HigMar 20, 2017
    risk 0.49cvss 7.5epss 0.04

    Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

  • CVE-2014-9854HigMar 17, 2017
    risk 0.49cvss 7.5epss 0.04

    coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."

  • CVE-2016-10252HigMar 14, 2017
    risk 0.49cvss 7.5epss 0.02

    Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick before 6.9.2-2, as used in ODR-PadEnc and other products, allows attackers to trigger memory consumption.

  • CVE-2017-6497HigMar 6, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS).

  • CVE-2016-6823HigJan 18, 2017
    risk 0.49cvss 7.5epss 0.05

    Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write.

  • CVE-2016-5842HigDec 13, 2016
    risk 0.49cvss 7.5epss 0.06

    MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.

  • CVE-2012-1610HigJun 5, 2012
    risk 0.49cvss 7.5epss 0.05

    Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component count for certain EXIF tags in a JPEG image. NOTE: this vulnerability exists…

  • CVE-2017-15277MedOct 12, 2017
    risk 0.44cvss 6.5epss 0.19

    ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting…

  • CVE-2016-10059HigMar 23, 2017
    risk 0.44cvss 7.8epss 0.02

    Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file.

  • CVE-2016-10057HigMar 23, 2017
    risk 0.44cvss 7.8epss 0.02

    Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Page 7 of 40