Vendor CVEs
Graphicsmagick
All CVEs
128 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-5118 | Cri | 0.68 | 9.8 | 0.50 | Jun 10, 2016 | The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename. | ||
| CVE-2017-11643 | Cri | 0.64 | 9.8 | 0.02 | Jul 26, 2017 | GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() function in coders/cmyk.c when processing multiple frames that have non-identical widths. | ||
| CVE-2017-11641 | Cri | 0.64 | 9.8 | 0.02 | Jul 26, 2017 | GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache (MPC) files. | ||
| CVE-2017-11637 | Cri | 0.64 | 9.8 | 0.02 | Jul 26, 2017 | GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images. | ||
| CVE-2017-11636 | Cri | 0.64 | 9.8 | 0.03 | Jul 26, 2017 | GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical widths. | ||
| CVE-2017-11139 | Cri | 0.64 | 9.8 | 0.03 | Jul 10, 2017 | GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c. | ||
| CVE-2016-5239 | Cri | 0.64 | 9.8 | 0.03 | Mar 15, 2017 | The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors. | ||
| CVE-2016-7447 | Cri | 0.64 | 9.8 | 0.04 | Feb 6, 2017 | Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors. | ||
| CVE-2016-7446 | Cri | 0.64 | 9.8 | 0.04 | Feb 6, 2017 | Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317. | ||
| CVE-2016-7996 | Cri | 0.64 | 9.8 | 0.04 | Jan 18, 2017 | Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries. | ||
| CVE-2017-16352 | Hig | 0.61 | 8.8 | 0.15 | Nov 1, 2017 | GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on… | ||
| CVE-2017-14103 | Hig | 0.60 | 8.8 | 0.30 | Sep 1, 2017 | The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain error conditions, which allows remote attackers to conduct use-after-free attacks via a crafted file, related to a ReadMNGImage… | ||
| CVE-2017-12936 | Hig | 0.59 | 8.8 | 0.25 | Aug 18, 2017 | The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting. | ||
| CVE-2017-11403 | Hig | 0.59 | 8.8 | 0.28 | Jul 18, 2017 | The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file. | ||
| CVE-2017-18220 | Hig | 0.58 | 8.8 | 0.04 | Mar 5, 2018 | The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 allow remote attackers to cause a denial of service (magick/blob.c CloseBlob use-after-free) or possibly have unspecified other impact via a crafted file, a related issue to CVE-2017-11403. | ||
| CVE-2018-6799 | Hig | 0.57 | 8.8 | 0.03 | Feb 7, 2018 | The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used. | ||
| CVE-2018-5360 | Hig | 0.57 | 8.8 | 0.02 | Jan 14, 2018 | LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27. | ||
| CVE-2017-17915 | Hig | 0.57 | 8.8 | 0.02 | Dec 27, 2017 | In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached. | ||
| CVE-2017-17913 | Hig | 0.57 | 8.8 | 0.02 | Dec 27, 2017 | In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type. | ||
| CVE-2017-17912 | Hig | 0.57 | 8.8 | 0.02 | Dec 27, 2017 | In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region. | ||
| CVE-2017-17782 | Hig | 0.57 | 8.8 | 0.02 | Dec 20, 2017 | In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ReadOneJNGImage in coders/png.c, related to oFFs chunk allocation. | ||
| CVE-2017-17503 | Hig | 0.57 | 8.8 | 0.02 | Dec 11, 2017 | ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file. | ||
| CVE-2017-17502 | Hig | 0.57 | 8.8 | 0.02 | Dec 11, 2017 | ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file. | ||
| CVE-2017-17501 | Hig | 0.57 | 8.8 | 0.03 | Dec 11, 2017 | WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file. | ||
| CVE-2017-17500 | Hig | 0.57 | 8.8 | 0.03 | Dec 11, 2017 | ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file. | ||
| CVE-2017-17498 | Hig | 0.57 | 8.8 | 0.03 | Dec 11, 2017 | WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. | ||
| CVE-2017-16669 | Hig | 0.57 | 8.8 | 0.03 | Nov 9, 2017 | coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c. | ||
| CVE-2017-16547 | Hig | 0.57 | 8.8 | 0.02 | Nov 6, 2017 | The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified… | ||
| CVE-2017-16545 | Hig | 0.57 | 8.8 | 0.02 | Nov 5, 2017 | The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via… | ||
| CVE-2017-15930 | Hig | 0.57 | 8.8 | 0.03 | Oct 27, 2017 | In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer. | ||
| CVE-2017-15238 | Hig | 0.57 | 8.8 | 0.02 | Oct 11, 2017 | ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-after-free issue when the height or width is zero, related to ReadJNGImage. | ||
| CVE-2017-13147 | Hig | 0.57 | 8.8 | 0.02 | Aug 23, 2017 | In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value. | ||
| CVE-2017-12937 | Hig | 0.57 | 8.8 | 0.02 | Aug 18, 2017 | The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read. | ||
| CVE-2017-12935 | Hig | 0.57 | 8.8 | 0.02 | Aug 18, 2017 | The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c. | ||
| CVE-2017-11642 | Hig | 0.57 | 8.8 | 0.02 | Jul 26, 2017 | GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638. | ||
| CVE-2017-11638 | Hig | 0.57 | 8.8 | 0.02 | Jul 26, 2017 | GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642. | ||
| CVE-2026-13606 | imp | 0.53 | 8.1 | — | Jun 28, 2026 | GraphicsMagick: GraphicsMagick: Memory corruption via crafted Photo CD (PCD) file | ||
| CVE-2016-8684 | Hig | 0.51 | 7.8 | 0.02 | Feb 15, 2017 | The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file." | ||
| CVE-2016-8683 | Hig | 0.51 | 7.8 | 0.02 | Feb 15, 2017 | The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file." | ||
| CVE-2017-17783 | Hig | 0.49 | 7.5 | 0.02 | Dec 20, 2017 | In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage in coders/palm.c when QuantumDepth is 8. | ||
| CVE-2017-11102 | Hig | 0.49 | 7.5 | 0.03 | Jul 7, 2017 | The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (application crash) during JNG reading via a zero-length color_image data structure. | ||
| CVE-2017-9098 | Hig | 0.49 | 7.5 | 0.04 | May 19, 2017 | ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that… | ||
| CVE-2016-8682 | Hig | 0.49 | 7.5 | 0.04 | Feb 15, 2017 | The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header. | ||
| CVE-2016-7800 | Hig | 0.49 | 7.5 | 0.04 | Feb 6, 2017 | Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow. | ||
| CVE-2016-7449 | Hig | 0.49 | 7.5 | 0.03 | Feb 6, 2017 | The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string. | ||
| CVE-2016-7448 | Hig | 0.49 | 7.5 | 0.04 | Feb 6, 2017 | The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size. | ||
| CVE-2016-7997 | Hig | 0.49 | 7.5 | 0.03 | Jan 18, 2017 | The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer. | ||
| CVE-2017-16353 | Med | 0.46 | 6.5 | 0.14 | Nov 1, 2017 | GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the… | ||
| CVE-2017-15277 | Med | 0.44 | 6.5 | 0.19 | Oct 12, 2017 | ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting… | ||
| CVE-2018-9018 | Med | 0.43 | 6.5 | 0.03 | Mar 25, 2018 | In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file. |
- risk 0.68cvss 9.8epss 0.50
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
- risk 0.64cvss 9.8epss 0.02
GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() function in coders/cmyk.c when processing multiple frames that have non-identical widths.
- risk 0.64cvss 9.8epss 0.02
GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache (MPC) files.
- risk 0.64cvss 9.8epss 0.02
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images.
- risk 0.64cvss 9.8epss 0.03
GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical widths.
- risk 0.64cvss 9.8epss 0.03
GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c.
- risk 0.64cvss 9.8epss 0.03
The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors.
- risk 0.64cvss 9.8epss 0.04
Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors.
- risk 0.64cvss 9.8epss 0.04
Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317.
- risk 0.64cvss 9.8epss 0.04
Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.
- risk 0.61cvss 8.8epss 0.15
GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on…
- risk 0.60cvss 8.8epss 0.30
The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain error conditions, which allows remote attackers to conduct use-after-free attacks via a crafted file, related to a ReadMNGImage…
- risk 0.59cvss 8.8epss 0.25
The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting.
- risk 0.59cvss 8.8epss 0.28
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file.
- risk 0.58cvss 8.8epss 0.04
The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 allow remote attackers to cause a denial of service (magick/blob.c CloseBlob use-after-free) or possibly have unspecified other impact via a crafted file, a related issue to CVE-2017-11403.
- risk 0.57cvss 8.8epss 0.03
The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used.
- risk 0.57cvss 8.8epss 0.02
LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27.
- risk 0.57cvss 8.8epss 0.02
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached.
- risk 0.57cvss 8.8epss 0.02
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type.
- risk 0.57cvss 8.8epss 0.02
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region.
- risk 0.57cvss 8.8epss 0.02
In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ReadOneJNGImage in coders/png.c, related to oFFs chunk allocation.
- risk 0.57cvss 8.8epss 0.02
ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file.
- risk 0.57cvss 8.8epss 0.02
ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file.
- risk 0.57cvss 8.8epss 0.03
WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file.
- risk 0.57cvss 8.8epss 0.03
ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file.
- risk 0.57cvss 8.8epss 0.03
WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
- risk 0.57cvss 8.8epss 0.03
coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c.
- risk 0.57cvss 8.8epss 0.02
The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified…
- risk 0.57cvss 8.8epss 0.02
The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via…
- risk 0.57cvss 8.8epss 0.03
In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer.
- risk 0.57cvss 8.8epss 0.02
ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-after-free issue when the height or width is zero, related to ReadJNGImage.
- risk 0.57cvss 8.8epss 0.02
In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value.
- risk 0.57cvss 8.8epss 0.02
The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read.
- risk 0.57cvss 8.8epss 0.02
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c.
- risk 0.57cvss 8.8epss 0.02
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638.
- risk 0.57cvss 8.8epss 0.02
GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642.
- risk 0.53cvss 8.1epss —
GraphicsMagick: GraphicsMagick: Memory corruption via crafted Photo CD (PCD) file
- risk 0.51cvss 7.8epss 0.02
The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
- risk 0.51cvss 7.8epss 0.02
The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
- risk 0.49cvss 7.5epss 0.02
In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage in coders/palm.c when QuantumDepth is 8.
- risk 0.49cvss 7.5epss 0.03
The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (application crash) during JNG reading via a zero-length color_image data structure.
- risk 0.49cvss 7.5epss 0.04
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that…
- risk 0.49cvss 7.5epss 0.04
The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header.
- risk 0.49cvss 7.5epss 0.04
Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.
- risk 0.49cvss 7.5epss 0.03
The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.
- risk 0.49cvss 7.5epss 0.04
The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size.
- risk 0.49cvss 7.5epss 0.03
The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.
- risk 0.46cvss 6.5epss 0.14
GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the…
- risk 0.44cvss 6.5epss 0.19
ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting…
- risk 0.43cvss 6.5epss 0.03
In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.
Page 1 of 3