Vendor CVEs
Graphicsmagick
All CVEs
128 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-18219 | Med | 0.43 | 6.5 | 0.04 | Mar 5, 2018 | An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a large png_pixels array allocation. | ||
| CVE-2017-14997 | Med | 0.43 | 6.5 | 0.03 | Oct 4, 2017 | GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c. | ||
| CVE-2017-18231 | Med | 0.42 | 6.5 | 0.02 | Mar 14, 2018 | An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadEnhMetaFile in coders/emf.c, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-18230 | Med | 0.42 | 6.5 | 0.02 | Mar 14, 2018 | An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadCINEONImage in coders/cineon.c, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-18229 | Med | 0.42 | 6.5 | 0.02 | Mar 14, 2018 | An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allows attackers to cause a denial of service via a crafted file, because file size is not properly used to restrict scanline,… | ||
| CVE-2018-5685 | Med | 0.42 | 6.5 | 0.02 | Jan 14, 2018 | In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value. | ||
| CVE-2017-14994 | Med | 0.42 | 6.5 | 0.03 | Oct 4, 2017 | ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted DICOM image, related to the ability of DCM_ReadNonNativeImages to yield an image list with zero frames. | ||
| CVE-2017-14733 | Med | 0.42 | 6.5 | 0.02 | Sep 25, 2017 | ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | ||
| CVE-2017-14504 | Med | 0.42 | 6.5 | 0.02 | Sep 17, 2017 | ReadPNMImage in coders/pnm.c in GraphicsMagick 1.3.26 does not ensure the correct number of colors for the XV 332 format, leading to a NULL Pointer Dereference. | ||
| CVE-2017-14314 | Med | 0.42 | 6.5 | 0.02 | Sep 12, 2017 | Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (DrawDashPolygon heap-based buffer over-read and application crash) via a crafted file. | ||
| CVE-2017-14165 | Med | 0.42 | 6.5 | 0.02 | Sep 6, 2017 | The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has an issue where memory allocation is excessive because it depends only on a length field in a header. This may lead to remote denial of service in the MagickMalloc function in magick/memory.c. | ||
| CVE-2017-14042 | Med | 0.42 | 6.5 | 0.02 | Aug 30, 2017 | A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of service in the MagickRealloc function in magick/memory.c. | ||
| CVE-2017-13777 | Med | 0.42 | 6.5 | 0.02 | Aug 30, 2017 | GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version==10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request… | ||
| CVE-2017-13776 | Med | 0.42 | 6.5 | 0.02 | Aug 30, 2017 | GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request… | ||
| CVE-2017-13775 | Med | 0.42 | 6.5 | 0.02 | Aug 30, 2017 | GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the requests. | ||
| CVE-2017-13737 | Med | 0.42 | 6.5 | 0.03 | Aug 29, 2017 | There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack. | ||
| CVE-2017-13736 | Med | 0.42 | 6.5 | 0.02 | Aug 29, 2017 | There are lots of memory leaks in the GMCommand function in magick/command.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack. | ||
| CVE-2017-13648 | Med | 0.42 | 6.5 | 0.01 | Aug 23, 2017 | In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c. | ||
| CVE-2017-13134 | Med | 0.42 | 6.5 | 0.02 | Aug 23, 2017 | In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-13066 | Med | 0.42 | 6.5 | 0.01 | Aug 22, 2017 | GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c. | ||
| CVE-2017-13065 | Med | 0.42 | 6.5 | 0.02 | Aug 22, 2017 | GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c. | ||
| CVE-2017-13064 | Med | 0.42 | 6.5 | 0.02 | Aug 22, 2017 | GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12. | ||
| CVE-2017-13063 | Med | 0.42 | 6.5 | 0.02 | Aug 22, 2017 | GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12. | ||
| CVE-2017-11722 | Med | 0.42 | 6.5 | 0.02 | Jul 28, 2017 | The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. This… | ||
| CVE-2017-14649 | Med | 0.36 | 5.5 | 0.01 | Sep 21, 2017 | ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service (assertion failure in magick/pixel_cache.c, and application crash). | ||
| CVE-2017-11140 | Med | 0.36 | 5.5 | 0.02 | Jul 10, 2017 | The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files. | ||
| CVE-2017-10800 | Med | 0.36 | 5.5 | 0.01 | Jul 3, 2017 | When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data. | ||
| CVE-2017-10799 | Med | 0.36 | 5.5 | 0.01 | Jul 3, 2017 | When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage(). | ||
| CVE-2017-10794 | Med | 0.36 | 5.5 | 0.02 | Jul 2, 2017 | When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode. | ||
| CVE-2017-6335 | Med | 0.36 | 5.5 | 0.02 | Mar 14, 2017 | The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file. | ||
| CVE-2016-9830 | Med | 0.36 | 5.5 | 0.02 | Mar 1, 2017 | The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image. | ||
| CVE-2016-5240 | Med | 0.36 | 5.5 | 0.02 | Feb 27, 2017 | The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file. | ||
| CVE-2016-5241 | Med | 0.36 | 5.5 | 0.02 | Feb 3, 2017 | magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file. | ||
| CVE-2016-2318 | Med | 0.36 | 5.5 | 0.02 | Feb 3, 2017 | GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c. | ||
| CVE-2016-2317 | Med | 0.36 | 5.5 | 0.02 | Feb 3, 2017 | Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in… | ||
| CVE-2015-8808 | Med | 0.36 | 5.5 | 0.02 | Jul 13, 2016 | The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file. | ||
| CVE-2005-1275 | 0.04 | — | 0.14 | Apr 25, 2005 | Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value. | |||
| CVE-2009-1882 | 0.01 | — | 0.07 | Jun 2, 2009 | Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow. NOTE: some of… | |||
| CVE-2008-6071 | 0.01 | — | 0.07 | Feb 10, 2009 | Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PICT image. NOTE: some of these details… | |||
| CVE-2025-32460 | 0.00 | — | 0.00 | Apr 9, 2025 | GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call. | |||
| CVE-2025-27796 | 0.00 | — | 0.00 | Mar 7, 2025 | ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob. | |||
| CVE-2025-27795 | 0.00 | — | 0.00 | Mar 7, 2025 | ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits. | |||
| CVE-2020-21679 | 0.00 | — | 0.00 | Aug 22, 2023 | Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format. | |||
| CVE-2022-1270 | 0.00 | — | 0.00 | Sep 28, 2022 | In GraphicsMagick, a heap buffer overflow was found when parsing MIFF. | |||
| CVE-2020-12672 | 0.00 | — | 0.03 | May 6, 2020 | GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c. | |||
| CVE-2020-10938 | 0.00 | — | 0.05 | Mar 24, 2020 | GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c. | |||
| CVE-2019-12921 | 0.00 | — | 0.08 | Mar 18, 2020 | In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG. | |||
| CVE-2019-19950 | 0.00 | — | 0.03 | Dec 24, 2019 | In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c. | |||
| CVE-2019-19951 | 0.00 | — | 0.03 | Dec 24, 2019 | In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c. | |||
| CVE-2019-19953 | 0.00 | — | 0.03 | Dec 24, 2019 | In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c. |
- risk 0.43cvss 6.5epss 0.04
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a large png_pixels array allocation.
- risk 0.43cvss 6.5epss 0.03
GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadEnhMetaFile in coders/emf.c, which allows attackers to cause a denial of service via a crafted file.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadCINEONImage in coders/cineon.c, which allows attackers to cause a denial of service via a crafted file.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allows attackers to cause a denial of service via a crafted file, because file size is not properly used to restrict scanline,…
- risk 0.42cvss 6.5epss 0.02
In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value.
- risk 0.42cvss 6.5epss 0.03
ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted DICOM image, related to the ability of DCM_ReadNonNativeImages to yield an image list with zero frames.
- risk 0.42cvss 6.5epss 0.02
ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
- risk 0.42cvss 6.5epss 0.02
ReadPNMImage in coders/pnm.c in GraphicsMagick 1.3.26 does not ensure the correct number of colors for the XV 332 format, leading to a NULL Pointer Dereference.
- risk 0.42cvss 6.5epss 0.02
Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (DrawDashPolygon heap-based buffer over-read and application crash) via a crafted file.
- risk 0.42cvss 6.5epss 0.02
The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has an issue where memory allocation is excessive because it depends only on a length field in a header. This may lead to remote denial of service in the MagickMalloc function in magick/memory.c.
- risk 0.42cvss 6.5epss 0.02
A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of service in the MagickRealloc function in magick/memory.c.
- risk 0.42cvss 6.5epss 0.02
GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version==10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request…
- risk 0.42cvss 6.5epss 0.02
GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request…
- risk 0.42cvss 6.5epss 0.02
GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the requests.
- risk 0.42cvss 6.5epss 0.03
There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.
- risk 0.42cvss 6.5epss 0.02
There are lots of memory leaks in the GMCommand function in magick/command.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.
- risk 0.42cvss 6.5epss 0.01
In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c.
- risk 0.42cvss 6.5epss 0.02
In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file.
- risk 0.42cvss 6.5epss 0.01
GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c.
- risk 0.42cvss 6.5epss 0.02
GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c.
- risk 0.42cvss 6.5epss 0.02
GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12.
- risk 0.42cvss 6.5epss 0.02
GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12.
- risk 0.42cvss 6.5epss 0.02
The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. This…
- risk 0.36cvss 5.5epss 0.01
ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service (assertion failure in magick/pixel_cache.c, and application crash).
- risk 0.36cvss 5.5epss 0.02
The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files.
- risk 0.36cvss 5.5epss 0.01
When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data.
- risk 0.36cvss 5.5epss 0.01
When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage().
- risk 0.36cvss 5.5epss 0.02
When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode.
- risk 0.36cvss 5.5epss 0.02
The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file.
- risk 0.36cvss 5.5epss 0.02
The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image.
- risk 0.36cvss 5.5epss 0.02
The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file.
- risk 0.36cvss 5.5epss 0.02
magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.
- risk 0.36cvss 5.5epss 0.02
GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c.
- risk 0.36cvss 5.5epss 0.02
Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in…
- risk 0.36cvss 5.5epss 0.02
The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file.
- CVE-2005-1275Apr 25, 2005risk 0.04cvss —epss 0.14
Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value.
- CVE-2009-1882Jun 2, 2009risk 0.01cvss —epss 0.07
Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow. NOTE: some of…
- CVE-2008-6071Feb 10, 2009risk 0.01cvss —epss 0.07
Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PICT image. NOTE: some of these details…
- CVE-2025-32460Apr 9, 2025risk 0.00cvss —epss 0.00
GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call.
- CVE-2025-27796Mar 7, 2025risk 0.00cvss —epss 0.00
ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob.
- CVE-2025-27795Mar 7, 2025risk 0.00cvss —epss 0.00
ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits.
- CVE-2020-21679Aug 22, 2023risk 0.00cvss —epss 0.00
Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format.
- CVE-2022-1270Sep 28, 2022risk 0.00cvss —epss 0.00
In GraphicsMagick, a heap buffer overflow was found when parsing MIFF.
- CVE-2020-12672May 6, 2020risk 0.00cvss —epss 0.03
GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.
- CVE-2020-10938Mar 24, 2020risk 0.00cvss —epss 0.05
GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.
- CVE-2019-12921Mar 18, 2020risk 0.00cvss —epss 0.08
In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG.
- CVE-2019-19950Dec 24, 2019risk 0.00cvss —epss 0.03
In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.
- CVE-2019-19951Dec 24, 2019risk 0.00cvss —epss 0.03
In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.
- CVE-2019-19953Dec 24, 2019risk 0.00cvss —epss 0.03
In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.
Page 2 of 3