Imagemagick

imagemagick

Vendor: Imagemagick • 739 CVEs

CVEs (739)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2014-1947 2Imagemagick Suse 4Imagemagick Linux Enterprise DesktopLinux Enterprise Server+1 more Nov 21, 2024 Feb 17, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large numb...Show more Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030.Show less
CVE-2014-2030 3Canonical ImagemagickOpensuse 3Imagemagick OpensuseUbuntu Linux Nov 21, 2024 Feb 6, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted P...Show more Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947.Show less
CVE-2014-1958 3Canonical ImagemagickOpensuse 3Imagemagick OpensuseUbuntu Linux Nov 21, 2024 Feb 6, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulne...Show more Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.Show less
CVE-2016-7524 1Imagemagick 1Imagemagick Nov 21, 2024 Feb 6, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVE-2016-7523 1Imagemagick 1Imagemagick Nov 21, 2024 Feb 6, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVE-2019-19952 1Imagemagick 1Imagemagick Nov 21, 2024 Dec 24, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage.
CVE-2019-19949 4Canonical DebianImagemagick+1 more 4Debian Linux ImagemagickLeap+1 more Nov 21, 2024 Dec 24, 2019 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.
CVE-2019-19948 4Canonical DebianImagemagick+1 more 4Debian Linux ImagemagickLeap+1 more Nov 21, 2024 Dec 24, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.
CVE-2014-8561 2Debian Imagemagick 2Debian Linux Imagemagick Nov 21, 2024 Dec 15, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 imagemagick 6.8.9.6 has remote DOS via infinite loop
CVE-2019-18853 1Imagemagick 1Imagemagick Nov 21, 2024 Nov 11, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2.
CVE-2019-17547 1Imagemagick 1Imagemagick Nov 21, 2024 Oct 14, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free.
CVE-2019-17541 1Imagemagick 1Imagemagick Nov 21, 2024 Oct 14, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
CVE-2019-17540 2Debian Imagemagick 2Debian Linux Imagemagick Nov 21, 2024 Oct 14, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.
CVE-2019-16713 4Canonical DebianImagemagick+1 more 4Debian Linux ImagemagickLeap+1 more Nov 21, 2024 Sep 23, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.
CVE-2019-16712 2Imagemagick Opensuse 2Imagemagick Leap Nov 21, 2024 Sep 23, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.
CVE-2019-16711 4Canonical DebianImagemagick+1 more 4Debian Linux ImagemagickLeap+1 more Nov 21, 2024 Sep 23, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.
CVE-2019-16710 4Canonical DebianImagemagick+1 more 4Debian Linux ImagemagickLeap+1 more Nov 21, 2024 Sep 23, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.
CVE-2019-16709 3Canonical ImagemagickOpensuse 4Backports ImagemagickLeap+1 more Nov 21, 2024 Sep 23, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.
CVE-2019-16708 4Canonical DebianImagemagick+1 more 4Debian Linux ImagemagickLeap+1 more Nov 21, 2024 Sep 23, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.
CVE-2019-15141 2Imagemagick Opensuse 2Imagemagick Leap Nov 21, 2024 Aug 18, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRew...Show more WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597.Show less

Previous 1...91011...37 Next