Vendor CVEs
ImageMagick
All CVEs
777 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-27774 | 0.00 | — | 0.01 | Dec 4, 2020 | A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of a too large shift for 64-bit type `ssize_t`. This would most likely lead to an impact to application… | |||
| CVE-2020-27772 | 0.00 | — | 0.01 | Dec 4, 2020 | A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would most likely lead to an impact to application… | |||
| CVE-2020-27765 | 0.00 | — | 0.01 | Dec 4, 2020 | A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could… | |||
| CVE-2020-27771 | 0.00 | — | 0.01 | Dec 4, 2020 | In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type. The patch casts the return value of GetPixelIndex() to ssize_t type to avoid this bug. This… | |||
| CVE-2020-27773 | 0.00 | — | 0.01 | Dec 4, 2020 | A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` or division by zero. This would most likely lead… | |||
| CVE-2020-27770 | 0.00 | — | 0.01 | Dec 4, 2020 | Due to a missing check for 0 value of `replace_extent`, it is possible for offset `p` to overflow in SubstituteString(), causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects… | |||
| CVE-2020-27766 | 0.00 | — | 0.01 | Dec 4, 2020 | A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long`. This would most likely lead to an impact to… | |||
| CVE-2020-27767 | 0.00 | — | 0.01 | Dec 4, 2020 | A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types `float` and `unsigned char`. This would most likely lead to an… | |||
| CVE-2020-27760 | 0.00 | — | 0.01 | Dec 3, 2020 | In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch uses the… | |||
| CVE-2020-27761 | 0.00 | — | 0.01 | Dec 3, 2020 | WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick. The patch casts to `ssize_t`… | |||
| CVE-2020-27764 | 0.00 | — | 0.01 | Dec 3, 2020 | In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast should have been a ssize_t cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick. Red Hat Product Security marked… | |||
| CVE-2020-27759 | 0.00 | — | 0.01 | Dec 3, 2020 | In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by… | |||
| CVE-2020-27763 | 0.00 | — | 0.01 | Dec 3, 2020 | A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could… | |||
| CVE-2020-27762 | 0.00 | — | 0.01 | Dec 3, 2020 | A flaw was found in ImageMagick in coders/hdr.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char`. This would most likely lead to an impact to application… | |||
| CVE-2020-19667 | 0.00 | — | 0.02 | Nov 20, 2020 | Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7. | |||
| CVE-2020-27560 | 0.00 | — | 0.01 | Oct 22, 2020 | ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service. | |||
| CVE-2020-13902 | 0.00 | — | 0.01 | Jun 7, 2020 | ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding. | |||
| CVE-2020-10251 | 0.00 | — | 0.01 | Mar 10, 2020 | In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image. | |||
| CVE-2014-1958 | 0.00 | — | 0.04 | Feb 6, 2020 | Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030. | |||
| CVE-2016-7524 | 0.00 | — | 0.02 | Feb 6, 2020 | coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | |||
| CVE-2016-7523 | 0.00 | — | 0.03 | Feb 6, 2020 | coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | |||
| CVE-2019-19948 | 0.00 | — | 0.04 | Dec 24, 2019 | In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c. | |||
| CVE-2019-19952 | 0.00 | — | 0.02 | Dec 24, 2019 | In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage. | |||
| CVE-2019-19949 | 0.00 | — | 0.03 | Dec 24, 2019 | In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare. | |||
| CVE-2014-8561 | 0.00 | — | 0.02 | Dec 15, 2019 | imagemagick 6.8.9.6 has remote DOS via infinite loop | |||
| CVE-2019-18853 | 0.00 | — | 0.01 | Nov 11, 2019 | ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2. | |||
| CVE-2019-17540 | 0.00 | — | 0.02 | Oct 14, 2019 | ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c. | |||
| CVE-2019-17547 | 0.00 | — | 0.02 | Oct 14, 2019 | In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free. | |||
| CVE-2019-17541 | 0.00 | — | 0.02 | Oct 14, 2019 | ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c. | |||
| CVE-2019-16708 | 0.00 | — | 0.02 | Sep 23, 2019 | ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage. | |||
| CVE-2019-16709 | 0.00 | — | 0.03 | Sep 23, 2019 | ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage. | |||
| CVE-2019-16710 | 0.00 | — | 0.02 | Sep 23, 2019 | ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c. | |||
| CVE-2019-16711 | 0.00 | — | 0.02 | Sep 23, 2019 | ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c. | |||
| CVE-2019-16712 | 0.00 | — | 0.03 | Sep 23, 2019 | ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image. | |||
| CVE-2019-16713 | 0.00 | — | 0.02 | Sep 23, 2019 | ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c. | |||
| CVE-2019-15139 | 0.00 | — | 0.04 | Aug 18, 2019 | The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a… | |||
| CVE-2019-15140 | 0.00 | — | 0.04 | Aug 18, 2019 | coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c. | |||
| CVE-2019-15141 | 0.00 | — | 0.02 | Aug 18, 2019 | WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec,… | |||
| CVE-2019-14981 | 0.00 | — | 0.03 | Aug 12, 2019 | In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file. | |||
| CVE-2019-14980 | 0.00 | — | 0.02 | Aug 12, 2019 | In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file. | |||
| CVE-2019-13454 | 0.00 | — | 0.04 | Jul 9, 2019 | ImageMagick 7.0.1-0 to 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c. | |||
| CVE-2019-13391 | 0.00 | — | 0.03 | Jul 7, 2019 | In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels. | |||
| CVE-2019-13311 | 0.00 | — | 0.03 | Jul 5, 2019 | ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error. | |||
| CVE-2019-13310 | 0.00 | — | 0.02 | Jul 5, 2019 | ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c. | |||
| CVE-2019-13309 | 0.00 | — | 0.03 | Jul 5, 2019 | ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c. | |||
| CVE-2019-13308 | 0.00 | — | 0.03 | Jul 5, 2019 | ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage. | |||
| CVE-2019-13307 | 0.00 | — | 0.02 | Jul 5, 2019 | ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows. | |||
| CVE-2019-13306 | 0.00 | — | 0.02 | Jul 5, 2019 | ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors. | |||
| CVE-2019-13305 | 0.00 | — | 0.02 | Jul 5, 2019 | ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error. | |||
| CVE-2019-13304 | 0.00 | — | 0.02 | Jul 5, 2019 | ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment. |
- CVE-2020-27774Dec 4, 2020risk 0.00cvss —epss 0.01
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of a too large shift for 64-bit type `ssize_t`. This would most likely lead to an impact to application…
- CVE-2020-27772Dec 4, 2020risk 0.00cvss —epss 0.01
A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would most likely lead to an impact to application…
- CVE-2020-27765Dec 4, 2020risk 0.00cvss —epss 0.01
A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could…
- CVE-2020-27771Dec 4, 2020risk 0.00cvss —epss 0.01
In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type. The patch casts the return value of GetPixelIndex() to ssize_t type to avoid this bug. This…
- CVE-2020-27773Dec 4, 2020risk 0.00cvss —epss 0.01
A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` or division by zero. This would most likely lead…
- CVE-2020-27770Dec 4, 2020risk 0.00cvss —epss 0.01
Due to a missing check for 0 value of `replace_extent`, it is possible for offset `p` to overflow in SubstituteString(), causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects…
- CVE-2020-27766Dec 4, 2020risk 0.00cvss —epss 0.01
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long`. This would most likely lead to an impact to…
- CVE-2020-27767Dec 4, 2020risk 0.00cvss —epss 0.01
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types `float` and `unsigned char`. This would most likely lead to an…
- CVE-2020-27760Dec 3, 2020risk 0.00cvss —epss 0.01
In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch uses the…
- CVE-2020-27761Dec 3, 2020risk 0.00cvss —epss 0.01
WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick. The patch casts to `ssize_t`…
- CVE-2020-27764Dec 3, 2020risk 0.00cvss —epss 0.01
In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast should have been a ssize_t cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick. Red Hat Product Security marked…
- CVE-2020-27759Dec 3, 2020risk 0.00cvss —epss 0.01
In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by…
- CVE-2020-27763Dec 3, 2020risk 0.00cvss —epss 0.01
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could…
- CVE-2020-27762Dec 3, 2020risk 0.00cvss —epss 0.01
A flaw was found in ImageMagick in coders/hdr.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char`. This would most likely lead to an impact to application…
- CVE-2020-19667Nov 20, 2020risk 0.00cvss —epss 0.02
Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7.
- CVE-2020-27560Oct 22, 2020risk 0.00cvss —epss 0.01
ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service.
- CVE-2020-13902Jun 7, 2020risk 0.00cvss —epss 0.01
ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding.
- CVE-2020-10251Mar 10, 2020risk 0.00cvss —epss 0.01
In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.
- CVE-2014-1958Feb 6, 2020risk 0.00cvss —epss 0.04
Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.
- CVE-2016-7524Feb 6, 2020risk 0.00cvss —epss 0.02
coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
- CVE-2016-7523Feb 6, 2020risk 0.00cvss —epss 0.03
coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
- CVE-2019-19948Dec 24, 2019risk 0.00cvss —epss 0.04
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.
- CVE-2019-19952Dec 24, 2019risk 0.00cvss —epss 0.02
In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage.
- CVE-2019-19949Dec 24, 2019risk 0.00cvss —epss 0.03
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.
- CVE-2014-8561Dec 15, 2019risk 0.00cvss —epss 0.02
imagemagick 6.8.9.6 has remote DOS via infinite loop
- CVE-2019-18853Nov 11, 2019risk 0.00cvss —epss 0.01
ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2.
- CVE-2019-17540Oct 14, 2019risk 0.00cvss —epss 0.02
ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.
- CVE-2019-17547Oct 14, 2019risk 0.00cvss —epss 0.02
In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free.
- CVE-2019-17541Oct 14, 2019risk 0.00cvss —epss 0.02
ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
- CVE-2019-16708Sep 23, 2019risk 0.00cvss —epss 0.02
ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.
- CVE-2019-16709Sep 23, 2019risk 0.00cvss —epss 0.03
ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.
- CVE-2019-16710Sep 23, 2019risk 0.00cvss —epss 0.02
ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.
- CVE-2019-16711Sep 23, 2019risk 0.00cvss —epss 0.02
ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.
- CVE-2019-16712Sep 23, 2019risk 0.00cvss —epss 0.03
ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.
- CVE-2019-16713Sep 23, 2019risk 0.00cvss —epss 0.02
ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.
- CVE-2019-15139Aug 18, 2019risk 0.00cvss —epss 0.04
The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a…
- CVE-2019-15140Aug 18, 2019risk 0.00cvss —epss 0.04
coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.
- CVE-2019-15141Aug 18, 2019risk 0.00cvss —epss 0.02
WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec,…
- CVE-2019-14981Aug 12, 2019risk 0.00cvss —epss 0.03
In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.
- CVE-2019-14980Aug 12, 2019risk 0.00cvss —epss 0.02
In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file.
- CVE-2019-13454Jul 9, 2019risk 0.00cvss —epss 0.04
ImageMagick 7.0.1-0 to 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.
- CVE-2019-13391Jul 7, 2019risk 0.00cvss —epss 0.03
In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.
- CVE-2019-13311Jul 5, 2019risk 0.00cvss —epss 0.03
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.
- CVE-2019-13310Jul 5, 2019risk 0.00cvss —epss 0.02
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.
- CVE-2019-13309Jul 5, 2019risk 0.00cvss —epss 0.03
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.
- CVE-2019-13308Jul 5, 2019risk 0.00cvss —epss 0.03
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.
- CVE-2019-13307Jul 5, 2019risk 0.00cvss —epss 0.02
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.
- CVE-2019-13306Jul 5, 2019risk 0.00cvss —epss 0.02
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.
- CVE-2019-13305Jul 5, 2019risk 0.00cvss —epss 0.02
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.
- CVE-2019-13304Jul 5, 2019risk 0.00cvss —epss 0.02
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.
Page 14 of 16