Filtered by vendor Graphicsmagick
Subscribe
Total
118 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-14649 | 1 Graphicsmagick | 1 Graphicsmagick | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service (assertion failure in magick/pixel_cache.c, and application crash). | |||||
| CVE-2017-13065 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c. | |||||
| CVE-2017-17502 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file. | |||||
| CVE-2017-11643 | 1 Graphicsmagick | 1 Graphicsmagick | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() function in coders/cmyk.c when processing multiple frames that have non-identical widths. | |||||
| CVE-2017-13147 | 1 Graphicsmagick | 1 Graphicsmagick | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value. | |||||
| CVE-2017-16547 | 1 Graphicsmagick | 1 Graphicsmagick | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified other impact via a crafted file. | |||||
| CVE-2017-11636 | 1 Graphicsmagick | 1 Graphicsmagick | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical widths. | |||||
| CVE-2017-11140 | 1 Graphicsmagick | 1 Graphicsmagick | 2024-02-28 | 7.1 HIGH | 5.5 MEDIUM |
| The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files. | |||||
| CVE-2017-14733 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | |||||
| CVE-2017-10799 | 1 Graphicsmagick | 1 Graphicsmagick | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage(). | |||||
| CVE-2017-11139 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c. | |||||
| CVE-2017-13736 | 1 Graphicsmagick | 1 Graphicsmagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| There are lots of memory leaks in the GMCommand function in magick/command.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack. | |||||
| CVE-2017-10794 | 1 Graphicsmagick | 1 Graphicsmagick | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode. | |||||
| CVE-2017-17913 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type. | |||||
| CVE-2017-11638 | 1 Graphicsmagick | 1 Graphicsmagick | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642. | |||||
| CVE-2017-15238 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-after-free issue when the height or width is zero, related to ReadJNGImage. | |||||
| CVE-2017-12936 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting. | |||||
| CVE-2017-11722 | 1 Graphicsmagick | 1 Graphicsmagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. This resulted in a logging statement executing outside of a loop, and consequently using an invalid array index corresponding to the loop's exit condition. | |||||
| CVE-2017-13775 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2024-02-28 | 7.1 HIGH | 6.5 MEDIUM |
| GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the requests. | |||||
| CVE-2017-11637 | 1 Graphicsmagick | 1 Graphicsmagick | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images. | |||||