VYPR

Vendor CVEs

Graphicsmagick

All CVEs

128 total · sorted by risk
  • CVE-2019-11506Apr 24, 2019
    risk 0.00cvss epss 0.03

    In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file.…

  • CVE-2019-11505Apr 24, 2019
    risk 0.00cvss epss 0.03

    In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This…

  • CVE-2019-11474Apr 23, 2019
    risk 0.00cvss epss 0.02

    coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.

  • CVE-2019-11473Apr 23, 2019
    risk 0.00cvss epss 0.02

    coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (out-of-bounds read and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.

  • CVE-2019-11010Apr 8, 2019
    risk 0.00cvss epss 0.02

    In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file.

  • CVE-2019-11009Apr 8, 2019
    risk 0.00cvss epss 0.02

    In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file.

  • CVE-2019-11008Apr 8, 2019
    risk 0.00cvss epss 0.04

    In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.

  • CVE-2019-11007Apr 8, 2019
    risk 0.00cvss epss 0.02

    In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap.

  • CVE-2019-11006Apr 8, 2019
    risk 0.00cvss epss 0.03

    In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet.

  • CVE-2019-11005Apr 8, 2019
    risk 0.00cvss epss 0.04

    In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family…

  • CVE-2019-7397Feb 5, 2019
    risk 0.00cvss epss 0.04

    In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.

  • CVE-2018-20189Dec 17, 2018
    risk 0.00cvss epss 0.02

    In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore…

  • CVE-2018-20184Dec 17, 2018
    risk 0.00cvss epss 0.02

    In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file, because the number of rows or columns can exceed the pixel-dimension…

  • CVE-2018-20185Dec 17, 2018
    risk 0.00cvss epss 0.02

    In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with…

  • CVE-2018-18544Oct 21, 2018
    risk 0.00cvss epss 0.02

    There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31.

  • CVE-2013-4589Nov 23, 2013
    risk 0.00cvss epss 0.02

    The ExportAlphaQuantumType function in export.c in GraphicsMagick before 1.3.18 might allow remote attackers to cause a denial of service (crash) via vectors related to exporting the alpha of an 8-bit RGBA image.

  • CVE-2012-3438Aug 7, 2012
    risk 0.00cvss epss 0.02

    The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.

  • CVE-2008-6621Apr 6, 2009
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in GraphicsMagick before 1.2.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors in DPX images. NOTE: some of these details are obtained from third party information.

  • CVE-2008-6072Feb 10, 2009
    risk 0.00cvss epss 0.03

    Multiple unspecified vulnerabilities in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allow remote attackers to cause a denial of service (crash) via unspecified vectors in (1) XCF and (2) CINEON images.

  • CVE-2008-6070Feb 10, 2009
    risk 0.00cvss epss 0.04

    Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PALM image, a different vulnerability than…

  • CVE-2008-3134Jul 10, 2008
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and…

  • CVE-2008-1096Mar 5, 2008
    risk 0.00cvss epss 0.05

    The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an…

  • CVE-2008-1097Mar 5, 2008
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via…

  • CVE-2007-0770Feb 12, 2007
    risk 0.00cvss epss 0.05

    Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: this issue is due to an…

  • CVE-2006-5456Oct 23, 2006
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a…

  • CVE-2006-0082Jan 4, 2006
    risk 0.00cvss epss 0.04

    Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as…

  • CVE-2005-1739May 24, 2005
    risk 0.00cvss epss 0.04

    The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask.

  • CVE-2005-0005May 2, 2005
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.

Page 3 of 3