Vulnerabilities (CVE)

Filtered by vendor Imagemagick Subscribe
Total 646 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-15017 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2024-11-21 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c.
CVE-2017-15016 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2024-11-21 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c.
CVE-2017-15015 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2024-11-21 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c.
CVE-2017-14989 1 Imagemagick 1 Imagemagick 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a crafted font file, because the FT_Done_Glyph function (from FreeType 2) is called at an incorrect place in the ImageMagick code.
CVE-2017-14741 1 Imagemagick 1 Imagemagick 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service (infinite loop) via a crafted font file.
CVE-2017-14739 1 Imagemagick 1 Imagemagick 2024-11-21 5.0 MEDIUM 7.5 HIGH
The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors.
CVE-2017-14684 1 Imagemagick 1 Imagemagick 2024-11-21 7.1 HIGH 6.5 MEDIUM
In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows attackers to cause a denial of service (memory consumption in ResizeMagickMemory in MagickCore/memory.c) via a crafted file.
CVE-2017-14682 1 Imagemagick 1 Imagemagick 2024-11-21 6.8 MEDIUM 8.8 HIGH
GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928.
CVE-2017-14626 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2024-11-21 7.5 HIGH 9.8 CRITICAL
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.
CVE-2017-14625 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2024-11-21 7.5 HIGH 9.8 CRITICAL
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c.
CVE-2017-14624 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2024-11-21 7.5 HIGH 9.8 CRITICAL
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.
CVE-2017-14607 3 Canonical, Debian, Imagemagick 3 Ubuntu Linux, Debian Linux, Imagemagick 2024-11-21 5.8 MEDIUM 8.1 HIGH
In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.
CVE-2017-14533 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c.
CVE-2017-14532 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2024-11-21 7.5 HIGH 9.8 CRITICAL
ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c.
CVE-2017-14531 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2024-11-21 7.1 HIGH 6.5 MEDIUM
ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c.
CVE-2017-14528 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The TIFFSetProfiles function in coders/tiff.c in ImageMagick 7.0.6 has incorrect expectations about whether LibTIFF TIFFGetField return values imply that data validation has occurred, which allows remote attackers to cause a denial of service (use-after-free after an invalid call to TIFFSetField, and application crash) via a crafted file.
CVE-2017-14505 1 Imagemagick 1 Imagemagick 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input.
CVE-2017-14400 1 Imagemagick 1 Imagemagick 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote attackers to cause a denial of service (NULL pointer dereference in the function GetVirtualPixels in MagickCore/cache.c) via a crafted file.
CVE-2017-14343 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file.
CVE-2017-14342 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file.