VYPR

Vendor CVEs

ImageMagick

All CVEs

783 total · sorted by risk
  • CVE-2017-18028MedJan 12, 2018
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.

  • CVE-2017-18027MedJan 12, 2018
    risk 0.42cvss 6.5epss 0.03

    In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.

  • CVE-2018-5358MedJan 12, 2018
    risk 0.42cvss 6.5epss 0.02

    ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c.

  • CVE-2018-5247MedJan 5, 2018
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.

  • CVE-2017-18022MedJan 5, 2018
    risk 0.42cvss 6.5epss 0.03

    In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.

  • CVE-2017-1000476MedJan 3, 2018
    risk 0.42cvss 6.5epss 0.03

    ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.

  • CVE-2017-1000445MedJan 2, 2018
    risk 0.42cvss 6.5epss 0.02

    ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service

  • CVE-2017-18008MedJan 1, 2018
    risk 0.42cvss 6.5epss 0.03

    In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c.

  • CVE-2017-17934MedDec 27, 2017
    risk 0.42cvss 6.5epss 0.03

    ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls.

  • CVE-2017-17914MedDec 27, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file.

  • CVE-2017-17887MedDec 27, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function GetImagePixelCache in magick/cache.c, which allows attackers to cause a denial of service via a crafted MNG image file that is processed by ReadOneMNGImage.

  • CVE-2017-17886MedDec 27, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service via a crafted psd image file.

  • CVE-2017-17885MedDec 27, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file.

  • CVE-2017-17884MedDec 27, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file.

  • CVE-2017-17883MedDec 27, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPGXImage in coders/pgx.c, which allows attackers to cause a denial of service via a crafted PGX image file.

  • CVE-2017-17882MedDec 27, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted XPM image file.

  • CVE-2017-17881MedDec 27, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted MAT image file.

  • CVE-2017-17682MedDec 14, 2017
    risk 0.42cvss 6.5epss 0.03

    In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call.

  • CVE-2017-17681MedDec 14, 2017
    risk 0.42cvss 6.5epss 0.03

    In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file.

  • CVE-2017-17680MedDec 14, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file.

  • CVE-2017-17504MedDec 11, 2017
    risk 0.42cvss 6.5epss 0.02

    ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.

  • CVE-2017-15218MedOct 10, 2017
    risk 0.42cvss 6.5epss 0.02

    ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.

  • CVE-2017-15217MedOct 10, 2017
    risk 0.42cvss 6.5epss 0.02

    ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c.

  • CVE-2017-14989MedOct 3, 2017
    risk 0.42cvss 6.5epss 0.01

    A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a crafted font file, because the FT_Done_Glyph function (from FreeType 2) is called at an incorrect place in the ImageMagick code.

  • CVE-2017-14741MedSep 26, 2017
    risk 0.42cvss 6.5epss 0.01

    The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service (infinite loop) via a crafted font file.

  • CVE-2017-14684MedSep 22, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows attackers to cause a denial of service (memory consumption in ResizeMagickMemory in MagickCore/memory.c) via a crafted file.

  • CVE-2017-14533MedSep 18, 2017
    risk 0.42cvss 6.5epss 0.02

    ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c.

  • CVE-2017-14531MedSep 18, 2017
    risk 0.42cvss 6.5epss 0.02

    ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c.

  • CVE-2017-14528MedSep 18, 2017
    risk 0.42cvss 6.5epss 0.03

    The TIFFSetProfiles function in coders/tiff.c in ImageMagick 7.0.6 has incorrect expectations about whether LibTIFF TIFFGetField return values imply that data validation has occurred, which allows remote attackers to cause a denial of service (use-after-free after an invalid…

  • CVE-2017-14505MedSep 17, 2017
    risk 0.42cvss 6.5epss 0.01

    DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted…

  • CVE-2017-14400MedSep 12, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote attackers to cause a denial of service (NULL pointer dereference in the function GetVirtualPixels in MagickCore/cache.c) via a crafted file.

  • CVE-2017-14343MedSep 12, 2017
    risk 0.42cvss 6.5epss 0.01

    ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file.

  • CVE-2017-14342MedSep 12, 2017
    risk 0.42cvss 6.5epss 0.01

    ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file.

  • CVE-2017-14341MedSep 12, 2017
    risk 0.42cvss 6.5epss 0.02

    ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file.

  • CVE-2017-14326MedSep 12, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-14325MedSep 12, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file.

  • CVE-2017-14324MedSep 12, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-14249MedSep 11, 2017
    risk 0.42cvss 6.5epss 0.02

    ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in MagickCore/cache.c, allowing remote attackers to cause a denial of service via a crafted file.

  • CVE-2017-14248MedSep 11, 2017
    risk 0.42cvss 6.5epss 0.01

    A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file.

  • CVE-2017-14175MedSep 7, 2017
    risk 0.42cvss 6.5epss 0.02

    In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is…

  • CVE-2017-14174MedSep 7, 2017
    risk 0.42cvss 6.5epss 0.02

    In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is…

  • CVE-2017-14173MedSep 7, 2017
    risk 0.42cvss 6.5epss 0.02

    In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation "GetQuantumRange(depth)+1" when "depth" is large, producing a smaller value than expected. As a result, an infinite loop would occur for a crafted…

  • CVE-2017-14172MedSep 7, 2017
    risk 0.42cvss 6.5epss 0.02

    In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the…

  • CVE-2017-14139MedSep 4, 2017
    risk 0.42cvss 6.5epss 0.01

    ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in coders/msl.c.

  • CVE-2017-12693MedSep 1, 2017
    risk 0.42cvss 6.5epss 0.03

    The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file.

  • CVE-2017-12692MedSep 1, 2017
    risk 0.42cvss 6.5epss 0.03

    The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file.

  • CVE-2017-12691MedSep 1, 2017
    risk 0.42cvss 6.5epss 0.02

    The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.

  • CVE-2017-14060MedAug 31, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file) by submitting a…

  • CVE-2017-13769MedAug 30, 2017
    risk 0.42cvss 6.5epss 0.01

    The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.

  • CVE-2017-13768MedAug 30, 2017
    risk 0.42cvss 6.5epss 0.02

    Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file.

Page 5 of 16