Graphicsmagick

graphicsmagick

Vendor: Graphicsmagick • 121 CVEs

CVEs (121)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-17503 2Debian Graphicsmagick 2Debian Linux Graphicsmagick May 13, 2026 Dec 11, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file.
CVE-2017-17502 2Debian Graphicsmagick 2Debian Linux Graphicsmagick May 13, 2026 Dec 11, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file.
CVE-2017-17501 2Debian Graphicsmagick 2Debian Linux Graphicsmagick May 13, 2026 Dec 11, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file.
CVE-2017-17500 2Debian Graphicsmagick 2Debian Linux Graphicsmagick May 13, 2026 Dec 11, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file.
CVE-2017-17498 1Graphicsmagick 1Graphicsmagick May 13, 2026 Dec 11, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or possibly have unspeci...Show more WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.Show less
CVE-2017-16669 2Debian Graphicsmagick 2Debian Linux Graphicsmagick May 13, 2026 Nov 9, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the A...Show more coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c.Show less
CVE-2017-16547 1Graphicsmagick 1Graphicsmagick May 13, 2026 Nov 6, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strn...Show more The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified other impact via a crafted file.Show less
CVE-2017-16545 1Graphicsmagick 1Graphicsmagick May 13, 2026 Nov 5, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and appli...Show more The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via a malformed WPG image.Show less
CVE-2017-16353 2Debian Graphicsmagick 2Debian Linux Graphicsmagick May 13, 2026 Nov 1, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code co...Show more GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile information contained in the image. This vulnerability can be triggered with a specially crafted MIFF file. There is an out-of-bounds buffer dereference because certain increments are never checked.Show less
CVE-2017-16352 2Debian Graphicsmagick 2Debian Linux Graphicsmagick May 13, 2026 Nov 1, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to t...Show more GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a specially crafted MIFF format file with the verbose flag.Show less
CVE-2017-15930 2Debian Graphicsmagick 2Debian Linux Graphicsmagick May 13, 2026 Oct 27, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer.
CVE-2017-15277 2Graphicsmagick Imagemagick 2Graphicsmagick Imagemagick May 13, 2026 Oct 12, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a...Show more ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data sometimes can be leaked via the uninitialized palette.Show less
CVE-2017-15238 2Debian Graphicsmagick 2Debian Linux Graphicsmagick May 13, 2026 Oct 11, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-after-free issue when the height or width is zero, related to ReadJNGImage.
CVE-2017-14997 2Debian Graphicsmagick 2Debian Linux Graphicsmagick May 13, 2026 Oct 4, 2017 N/A· v4 6.5 MEDIUM· v3 7.1 HIGH· v2 GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c.
CVE-2017-14994 2Debian Graphicsmagick 2Debian Linux Graphicsmagick May 13, 2026 Oct 4, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted DICOM image, related to the ability of DCM_ReadNonNativeImages to yield...Show more ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted DICOM image, related to the ability of DCM_ReadNonNativeImages to yield an image list with zero frames.Show less
CVE-2017-14733 2Debian Graphicsmagick 2Debian Linux Graphicsmagick May 13, 2026 Sep 25, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via...Show more ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.Show less
CVE-2017-14649 1Graphicsmagick 1Graphicsmagick May 13, 2026 Sep 21, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service (assertion failure in magick/pixel_cache.c, and application crash).
CVE-2017-14504 2Debian Graphicsmagick 2Debian Linux Graphicsmagick May 13, 2026 Sep 17, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ReadPNMImage in coders/pnm.c in GraphicsMagick 1.3.26 does not ensure the correct number of colors for the XV 332 format, leading to a NULL Pointer Dereference.
CVE-2017-14314 2Debian Graphicsmagick 2Debian Linux Graphicsmagick May 13, 2026 Sep 12, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (DrawDashPolygon heap-based buffer over-read and application crash) via a crafte...Show more Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (DrawDashPolygon heap-based buffer over-read and application crash) via a crafted file.Show less
CVE-2017-14165 1Graphicsmagick 1Graphicsmagick May 13, 2026 Sep 6, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has an issue where memory allocation is excessive because it depends only on a length field in a header. This may lead to remote denial of service in the...Show more The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has an issue where memory allocation is excessive because it depends only on a length field in a header. This may lead to remote denial of service in the MagickMalloc function in magick/memory.c.Show less

Previous 1 234 5 6 7 Next