Vulnerabilities (CVE)

Filtered by vendor Graphicsmagick Subscribe
Filtered by product Graphicsmagick
Total 118 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-1270 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-11-21 N/A 7.8 HIGH
In GraphicsMagick, a heap buffer overflow was found when parsing MIFF.
CVE-2020-21679 1 Graphicsmagick 1 Graphicsmagick 2024-11-21 N/A 5.5 MEDIUM
Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format.
CVE-2020-12672 3 Debian, Graphicsmagick, Opensuse 4 Debian Linux, Graphicsmagick, Backports Sle and 1 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.
CVE-2020-10938 3 Debian, Graphicsmagick, Opensuse 4 Debian Linux, Graphicsmagick, Backports and 1 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.
CVE-2019-7397 5 Canonical, Debian, Graphicsmagick and 2 more 5 Ubuntu Linux, Debian Linux, Graphicsmagick and 2 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.
CVE-2019-19953 3 Debian, Graphicsmagick, Opensuse 4 Debian Linux, Graphicsmagick, Backports and 1 more 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.
CVE-2019-19951 3 Debian, Graphicsmagick, Opensuse 4 Debian Linux, Graphicsmagick, Backports and 1 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.
CVE-2019-19950 3 Debian, Graphicsmagick, Opensuse 4 Debian Linux, Graphicsmagick, Backports and 1 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.
CVE-2019-12921 3 Debian, Graphicsmagick, Opensuse 4 Debian Linux, Graphicsmagick, Backports Sle and 1 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG.
CVE-2019-11506 4 Canonical, Debian, Graphicsmagick and 1 more 5 Ubuntu Linux, Debian Linux, Graphicsmagick and 2 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to ExportRedQuantumType in magick/export.c.
CVE-2019-11505 4 Canonical, Debian, Graphicsmagick and 1 more 5 Ubuntu Linux, Debian Linux, Graphicsmagick and 2 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c.
CVE-2019-11474 5 Canonical, Debian, Fedoraproject and 2 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.
CVE-2019-11473 1 Graphicsmagick 1 Graphicsmagick 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (out-of-bounds read and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.
CVE-2019-11010 3 Debian, Graphicsmagick, Opensuse 3 Debian Linux, Graphicsmagick, Leap 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file.
CVE-2019-11009 3 Debian, Graphicsmagick, Opensuse 3 Debian Linux, Graphicsmagick, Leap 2024-11-21 5.8 MEDIUM 8.1 HIGH
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file.
CVE-2019-11008 4 Canonical, Debian, Graphicsmagick and 1 more 5 Ubuntu Linux, Debian Linux, Graphicsmagick and 2 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.
CVE-2019-11007 4 Canonical, Debian, Graphicsmagick and 1 more 5 Ubuntu Linux, Debian Linux, Graphicsmagick and 2 more 2024-11-21 5.8 MEDIUM 8.1 HIGH
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap.
CVE-2019-11006 3 Debian, Graphicsmagick, Opensuse 3 Debian Linux, Graphicsmagick, Leap 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet.
CVE-2019-11005 2 Graphicsmagick, Opensuse 2 Graphicsmagick, Leap 2024-11-21 7.5 HIGH 9.8 CRITICAL
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value.
CVE-2018-9018 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.