VYPR

Vendor CVEs

ImageMagick

All CVEs

783 total · sorted by risk
  • CVE-2017-13758MedAug 29, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the TracePoint() function in MagickCore/draw.c.

  • CVE-2017-12875MedAug 29, 2017
    risk 0.42cvss 6.5epss 0.02

    The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (CPU consumption) via a crafted file.

  • CVE-2017-12877MedAug 28, 2017
    risk 0.42cvss 6.5epss 0.02

    Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.

  • CVE-2017-12876MedAug 28, 2017
    risk 0.42cvss 6.5epss 0.03

    Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.

  • CVE-2017-13658MedAug 24, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c.

  • CVE-2017-13145MedAug 23, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash.

  • CVE-2017-13144MedAug 23, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick before 6.9.7-10, there is a crash (rather than a "width or height exceeds limit" error report) if the image dimensions are too large, as demonstrated by use of the mpc coder.

  • CVE-2017-13142MedAug 23, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files.

  • CVE-2017-13141MedAug 23, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c.

  • CVE-2017-13140MedAug 23, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage function in coders/png.c allows remote attackers to cause a denial of service (application hang in LockSemaphoreInfo) via a PNG file with a width equal to MAGICK_WIDTH_LIMIT.

  • CVE-2017-13134MedAug 23, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-13133MedAug 23, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file.

  • CVE-2017-13132MedAug 23, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data structure in the "dump uncompressed PseudoColor packets" step, which allows attackers to cause a denial of service (assertion failure in WriteBlobStream in MagickCore/blob.c) via a…

  • CVE-2017-13131MedAug 23, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (memory consumption in NewLinkedList in MagickCore/linked-list.c) via a crafted file.

  • CVE-2017-13062MedAug 22, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service (WriteMETAImage memory consumption) via a crafted file.

  • CVE-2017-13061MedAug 22, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file.

  • CVE-2017-13060MedAug 22, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-13059MedAug 22, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attackers to cause a denial of service (WriteJNGImage memory consumption) via a crafted file.

  • CVE-2017-13058MedAug 22, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-12676MedAug 7, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service.

  • CVE-2017-12675MedAug 7, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.6-3, a missing check for multidimensional data was found in coders/mat.c, leading to a memory leak in the function ReadImage in MagickCore/constitute.c, which allows attackers to cause a denial of service.

  • CVE-2017-12674MedAug 7, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service.

  • CVE-2017-12673MedAug 7, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service.

  • CVE-2017-12672MedAug 7, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service.

  • CVE-2017-12671MedAug 7, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, leading to an invalid free in the function RelinquishMagickMemory in MagickCore/memory.c, which allows attackers to cause a denial of service.

  • CVE-2017-12670MedAug 7, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion failure in the function DestroyImage in MagickCore/image.c, which allows attackers to cause a denial of service.

  • CVE-2017-12654MedAug 7, 2017
    risk 0.42cvss 6.5epss 0.01

    The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 allows attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-12643MedAug 7, 2017
    risk 0.42cvss 6.5epss 0.03

    ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJNGImage in coders\png.c.

  • CVE-2017-12566MedAug 5, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMVGImage in coders/mvg.c, which allows attackers to cause a denial of service, related to the function ReadSVGImage in svg.c.

  • CVE-2017-12565MedAug 5, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service.

  • CVE-2017-12564MedAug 5, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service.

  • CVE-2017-12563MedAug 5, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in the function ReadPSDImage in coders/psd.c, which allows attackers to cause a denial of service.

  • CVE-2017-12434MedAug 4, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service (assertion failure) in DestroyImageInfo in image.c.

  • CVE-2017-12433MedAug 4, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadPESImage in coders/pes.c, which allows attackers to cause a denial of service, related to ResizeMagickMemory in memory.c.

  • CVE-2017-12432MedAug 4, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allows attackers to cause a denial of service.

  • CVE-2017-12431MedAug 4, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.6-1, a use-after-free vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service.

  • CVE-2017-12427MedAug 4, 2017
    risk 0.42cvss 6.5epss 0.02

    The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to cause a denial of service (memory leak) via a crafted file, related to the WriteMSLImage function.

  • CVE-2017-12140MedAug 2, 2017
    risk 0.42cvss 6.5epss 0.02

    The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consumption via a crafted DCM file.

  • CVE-2017-11755MedJul 30, 2017
    risk 0.42cvss 6.5epss 0.01

    The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.

  • CVE-2017-11754MedJul 30, 2017
    risk 0.42cvss 6.5epss 0.02

    The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.

  • CVE-2017-11753MedJul 30, 2017
    risk 0.42cvss 6.5epss 0.02

    The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted Flexible Image Transport System (FITS) file.

  • CVE-2017-11752MedJul 30, 2017
    risk 0.42cvss 6.5epss 0.02

    The ReadMAGICKImage function in coders/magick.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-11751MedJul 30, 2017
    risk 0.42cvss 6.5epss 0.02

    The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-11750MedJul 30, 2017
    risk 0.42cvss 6.5epss 0.02

    The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and 7.0.6-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.

  • CVE-2017-11724MedJul 29, 2017
    risk 0.42cvss 6.5epss 0.02

    The ReadMATImage function in coders/mat.c in ImageMagick through 6.9.9-3 and 7.x through 7.0.6-3 has memory leaks involving the quantum_info and clone_info data structures.

  • CVE-2017-11644MedJul 26, 2017
    risk 0.42cvss 6.5epss 0.02

    When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadMATImage() function in coders/mat.c.

  • CVE-2017-11640MedJul 26, 2017
    risk 0.42cvss 6.5epss 0.03

    When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function in coders/tiff.c.

  • CVE-2017-11639MedJul 26, 2017
    risk 0.42cvss 6.5epss 0.03

    When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c, related to the GetPixelLuma function in MagickCore/pixel-accessor.h.

  • CVE-2017-11540MedJul 23, 2017
    risk 0.42cvss 6.5epss 0.02

    When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex() function, called from the WritePICONImage function in coders/xpm.c.

  • CVE-2017-11539MedJul 23, 2017
    risk 0.42cvss 6.5epss 0.02

    When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage() function in coders/png.c.

Page 6 of 16