Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Imagemagick Subscribe
Total 646 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-17885 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file.
CVE-2017-13139 3 Canonical, Debian, Imagemagick 3 Ubuntu Linux, Debian Linux, Imagemagick 2024-02-28 7.5 HIGH 9.8 CRITICAL
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
CVE-2017-14739 1 Imagemagick 1 Imagemagick 2024-02-28 5.0 MEDIUM 7.5 HIGH
The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors.
CVE-2017-15016 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2024-02-28 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c.
CVE-2017-13132 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data structure in the "dump uncompressed PseudoColor packets" step, which allows attackers to cause a denial of service (assertion failure in WriteBlobStream in MagickCore/blob.c) via a crafted file.
CVE-2018-5246 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.
CVE-2017-12434 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service (assertion failure) in DestroyImageInfo in image.c.
CVE-2017-12668 1 Imagemagick 1 Imagemagick 2024-02-28 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.
CVE-2017-11525 1 Imagemagick 1 Imagemagick 2024-02-28 7.1 HIGH 6.5 MEDIUM
The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
CVE-2017-11360 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a large loop vulnerability via a crafted rle file that triggers a huge number_pixels value.
CVE-2014-9828 1 Imagemagick 1 Imagemagick 2024-02-28 6.8 MEDIUM 8.8 HIGH
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file.
CVE-2017-13061 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file.
CVE-2017-9499 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-9440 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-18029 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
CVE-2017-17504 3 Canonical, Debian, Imagemagick 3 Ubuntu Linux, Debian Linux, Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.
CVE-2017-11640 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function in coders/tiff.c.
CVE-2017-12642 1 Imagemagick 1 Imagemagick 2024-02-28 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMPCImage in coders\mpc.c.
CVE-2017-15277 2 Graphicsmagick, Imagemagick 2 Graphicsmagick, Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data sometimes can be leaked via the uninitialized palette.
CVE-2017-17882 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted XPM image file.