Imagemagick

imagemagick

Vendor: Imagemagick • 739 CVEs

CVEs (739)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-16749 3Canonical DebianImagemagick 3Debian Linux ImagemagickUbuntu Linux Nov 21, 2024 Sep 9, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file.
CVE-2018-16645 3Canonical DebianImagemagick 3Debian Linux ImagemagickUbuntu Linux Nov 21, 2024 Sep 6, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a craft...Show more There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image file.Show less
CVE-2018-16644 3Canonical DebianImagemagick 3Debian Linux ImagemagickUbuntu Linux Nov 21, 2024 Sep 6, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image...Show more There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.Show less
CVE-2018-16643 3Canonical DebianImagemagick 3Debian Linux ImagemagickUbuntu Linux Nov 21, 2024 Sep 6, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, whi...Show more The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file.Show less
CVE-2018-16642 3Canonical DebianImagemagick 3Debian Linux ImagemagickUbuntu Linux Nov 21, 2024 Sep 6, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write.
CVE-2018-16641 1Imagemagick 1Imagemagick Nov 21, 2024 Sep 6, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick 7.0.8-6 has a memory leak vulnerability in the TIFFWritePhotoshopLayers function in coders/tiff.c.
CVE-2018-16640 2Canonical Imagemagick 2Imagemagick Ubuntu Linux Nov 21, 2024 Sep 6, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c.
CVE-2018-16413 1Imagemagick 1Imagemagick Nov 21, 2024 Sep 3, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function.
CVE-2018-16412 2Imagemagick Opensuse 2Imagemagick Leap Nov 21, 2024 Sep 3, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function.
CVE-2018-16329 1Imagemagick 1Imagemagick Nov 21, 2024 Sep 1, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.
CVE-2018-16328 1Imagemagick 1Imagemagick Nov 21, 2024 Sep 1, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.
CVE-2018-16323 2Canonical Imagemagick 2Imagemagick Ubuntu Linux Nov 21, 2024 Sep 1, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that inclu...Show more ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data.Show less
CVE-2018-15607 1Imagemagick 1Imagemagick Nov 21, 2024 Aug 21, 2018 N/A· v4 6.5 MEDIUM· v3 7.1 HIGH· v2 In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are c...Show more In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.Show less
CVE-2018-14551 2Canonical Imagemagick 2Imagemagick Ubuntu Linux Nov 21, 2024 Jul 23, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption.
CVE-2018-14437 2Canonical Imagemagick 2Imagemagick Ubuntu Linux Nov 21, 2024 Jul 20, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c.
CVE-2018-14436 2Canonical Imagemagick 2Imagemagick Ubuntu Linux Nov 21, 2024 Jul 20, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c.
CVE-2018-14435 2Canonical Imagemagick 2Imagemagick Ubuntu Linux Nov 21, 2024 Jul 20, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c.
CVE-2018-14434 2Canonical Imagemagick 2Imagemagick Ubuntu Linux Nov 21, 2024 Jul 20, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c.
CVE-2018-13153 2Canonical Imagemagick 2Imagemagick Ubuntu Linux Nov 21, 2024 Jul 5, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c.
CVE-2018-12600 3Canonical DebianImagemagick 3Debian Linux ImagemagickUbuntu Linux Nov 21, 2024 Jun 20, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.

Previous 1...131415...37 Next