VYPR

Graphicsmagick

by Graphicsmagick

Source repositories

CVEs (128)

  • CVE-2017-17782HigDec 20, 2017
    risk 0.57cvss 8.8epss 0.02

    In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ReadOneJNGImage in coders/png.c, related to oFFs chunk allocation.

  • CVE-2017-17503HigDec 11, 2017
    risk 0.57cvss 8.8epss 0.02

    ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file.

  • CVE-2017-17502HigDec 11, 2017
    risk 0.57cvss 8.8epss 0.02

    ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file.

  • CVE-2017-17501HigDec 11, 2017
    risk 0.57cvss 8.8epss 0.03

    WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file.

  • CVE-2017-17500HigDec 11, 2017
    risk 0.57cvss 8.8epss 0.03

    ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file.

  • CVE-2017-17498HigDec 11, 2017
    risk 0.57cvss 8.8epss 0.03

    WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.

  • CVE-2017-16669HigNov 9, 2017
    risk 0.57cvss 8.8epss 0.03

    coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c.

  • CVE-2017-16547HigNov 6, 2017
    risk 0.57cvss 8.8epss 0.02

    The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified…

  • CVE-2017-16545HigNov 5, 2017
    risk 0.57cvss 8.8epss 0.02

    The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via…

  • CVE-2017-15930HigOct 27, 2017
    risk 0.57cvss 8.8epss 0.03

    In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer.

  • CVE-2017-15238HigOct 11, 2017
    risk 0.57cvss 8.8epss 0.02

    ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-after-free issue when the height or width is zero, related to ReadJNGImage.

  • CVE-2017-13147HigAug 23, 2017
    risk 0.57cvss 8.8epss 0.02

    In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value.

  • CVE-2017-12937HigAug 18, 2017
    risk 0.57cvss 8.8epss 0.02

    The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read.

  • CVE-2017-12935HigAug 18, 2017
    risk 0.57cvss 8.8epss 0.02

    The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c.

  • CVE-2017-11642HigJul 26, 2017
    risk 0.57cvss 8.8epss 0.02

    GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638.

  • CVE-2017-11638HigJul 26, 2017
    risk 0.57cvss 8.8epss 0.02

    GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642.

  • CVE-2026-13606impJun 28, 2026
    risk 0.53cvss 8.1epss

    GraphicsMagick: GraphicsMagick: Memory corruption via crafted Photo CD (PCD) file

  • CVE-2016-8684HigFeb 15, 2017
    risk 0.51cvss 7.8epss 0.02

    The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."

  • CVE-2016-8683HigFeb 15, 2017
    risk 0.51cvss 7.8epss 0.02

    The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."

  • CVE-2017-17783HigDec 20, 2017
    risk 0.49cvss 7.5epss 0.02

    In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage in coders/palm.c when QuantumDepth is 8.

Page 2 of 7