Imagemagick

imagemagick

Vendor: Imagemagick • 767 CVEs

CVEs (767)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-10995 1Imagemagick 1Imagemagick May 13, 2026 Jul 7, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image.
CVE-2017-10928 1Imagemagick 1Imagemagick May 13, 2026 Jul 5, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a cr...Show more In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c.Show less
CVE-2017-9501 1Imagemagick 1Imagemagick May 13, 2026 Jun 7, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-9500 1Imagemagick 1Imagemagick May 13, 2026 Jun 7, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function ResetImageProfileIterator, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-9499 1Imagemagick 1Imagemagick May 13, 2026 Jun 7, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-9440 1Imagemagick 1Imagemagick May 13, 2026 Jun 5, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-9439 1Imagemagick 1Imagemagick May 13, 2026 Jun 5, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-9409 1Imagemagick 1Imagemagick May 13, 2026 Jun 2, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9407 1Imagemagick 1Imagemagick May 13, 2026 Jun 2, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9405 1Imagemagick 1Imagemagick May 13, 2026 Jun 2, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9262 1Imagemagick 1Imagemagick May 13, 2026 May 29, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9261 1Imagemagick 1Imagemagick May 13, 2026 May 29, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9144 2Debian Imagemagick 2Debian Linux Imagemagick May 13, 2026 May 22, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c.
CVE-2017-9143 2Debian Imagemagick 2Debian Linux Imagemagick May 13, 2026 May 22, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file.
CVE-2017-9142 2Debian Imagemagick 2Debian Linux Imagemagick May 13, 2026 May 22, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c.
CVE-2017-9141 2Debian Imagemagick 2Debian Linux Imagemagick May 13, 2026 May 22, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c.
CVE-2017-9098 3Debian GraphicsmagickImagemagick 3Debian Linux GraphicsmagickImagemagick May 13, 2026 May 19, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks aga...Show more ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c.Show less
CVE-2017-8830 1Imagemagick 1Imagemagick May 13, 2026 May 8, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-8765 1Imagemagick 1Imagemagick May 13, 2026 May 4, 2017 N/A· v4 6.5 MEDIUM· v3 7.1 HIGH· v2 The function named ReadICONImage in coders\icon.c in ImageMagick 7.0.5-5 has a memory leak vulnerability which can cause memory exhaustion via a crafted ICON file.
CVE-2017-8357 2Debian Imagemagick 2Debian Linux Imagemagick May 13, 2026 Apr 30, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick 7.0.5-5, the ReadEPTImage function in ept.c allows attackers to cause a denial of service (memory leak) via a crafted file.

Previous 1...262728...39 Next