Filtered by vendor Imagemagick
Subscribe
Total
646 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-13145 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash. | |||||
CVE-2017-14137 | 1 Imagemagick | 1 Imagemagick | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header. | |||||
CVE-2017-14625 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c. | |||||
CVE-2017-12654 | 1 Imagemagick | 1 Imagemagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 allows attackers to cause a denial of service (memory leak) via a crafted file. | |||||
CVE-2017-12983 | 1 Imagemagick | 1 Imagemagick | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | |||||
CVE-2017-13133 | 1 Imagemagick | 1 Imagemagick | 2024-02-28 | 7.1 HIGH | 6.5 MEDIUM |
In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file. | |||||
CVE-2017-9501 | 1 Imagemagick | 1 Imagemagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file. | |||||
CVE-2017-13141 | 1 Imagemagick | 1 Imagemagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c. | |||||
CVE-2017-13143 | 1 Imagemagick | 1 Imagemagick | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory. | |||||
CVE-2017-11536 | 1 Imagemagick | 1 Imagemagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteJP2Image() function in coders/jp2.c. | |||||
CVE-2017-11532 | 1 Imagemagick | 1 Imagemagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c. | |||||
CVE-2017-12692 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-02-28 | 7.1 HIGH | 6.5 MEDIUM |
The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file. | |||||
CVE-2017-16546 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file. | |||||
CVE-2017-11522 | 1 Imagemagick | 1 Imagemagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | |||||
CVE-2017-11505 | 1 Imagemagick | 1 Imagemagick | 2024-02-28 | 7.1 HIGH | 6.5 MEDIUM |
The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file. | |||||
CVE-2017-11447 | 1 Imagemagick | 1 Imagemagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service. | |||||
CVE-2017-9262 | 1 Imagemagick | 1 Imagemagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |||||
CVE-2017-11528 | 1 Imagemagick | 1 Imagemagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file. | |||||
CVE-2017-11535 | 1 Imagemagick | 1 Imagemagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WritePSImage() function in coders/ps.c. | |||||
CVE-2017-12418 | 1 Imagemagick | 1 Imagemagick | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c. |