Total
705 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-9440 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file.
|
|||||
| CVE-2017-13139 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
|
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
|
|||||
| CVE-2016-7532 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
|
|||||
| CVE-2017-12673 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service.
|
|||||
| CVE-2017-12563 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 7.1 HIGH | 6.5 MEDIUM |
|
In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in the function ReadPSDImage in coders/psd.c, which allows attackers to cause a denial of service.
|
|||||
| CVE-2017-12641 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
|
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadOneJNGImage in coders\png.c.
|
|||||
| CVE-2016-7539 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
|
Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
|
|||||
| CVE-2017-17879 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
|
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error.
|
|||||
| CVE-2017-15017 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
|
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c.
|
|||||
| CVE-2017-12691 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2025-04-20 | 7.1 HIGH | 6.5 MEDIUM |
|
The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
|
|||||
| CVE-2017-11538 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteOnePNGImage() function in coders/png.c.
|
|||||
| CVE-2017-14173 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation "GetQuantumRange(depth)+1" when "depth" is large, producing a smaller value than expected. As a result, an infinite loop would occur for a crafted TXT file that claims a very large "max_value" value.
|
|||||
| CVE-2014-9853 | 6 Canonical, Imagemagick, Novell and 3 more | 11 Ubuntu Linux, Imagemagick, Leap and 8 more | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.
|
|||||
| CVE-2016-10052 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
|
|||||
| CVE-2016-7528 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file.
|
|||||
| CVE-2017-14682 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
|
GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928.
|
|||||
| CVE-2017-11755 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.
|
|||||
| CVE-2017-17680 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file.
|
|||||
| CVE-2014-9835 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file.
|
|||||
| CVE-2017-8344 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows attackers to cause a denial of service (memory leak) via a crafted file.
|
|||||
| CVE-2016-10144 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
|
coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.
|
|||||
| CVE-2016-7531 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB file.
|
|||||
| CVE-2016-10064 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
|
|||||
| CVE-2014-9821 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.
|
|||||
| CVE-2017-11525 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 7.1 HIGH | 6.5 MEDIUM |
|
The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
|
|||||
| CVE-2014-9832 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file.
|
|||||
| CVE-2017-6497 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS).
|
|||||
| CVE-2017-9439 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file.
|
|||||
| CVE-2017-14060 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file) by submitting a malformed image file.
|
|||||
| CVE-2016-10046 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
|
|||||
| CVE-2017-11526 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 7.1 HIGH | 6.5 MEDIUM |
|
The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file.
|
|||||
| CVE-2016-10058 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 7.1 HIGH | 5.5 MEDIUM |
|
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file.
|
|||||
| CVE-2017-8354 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In ImageMagick 7.0.5-5, the ReadBMPImage function in bmp.c allows attackers to cause a denial of service (memory leak) via a crafted file.
|
|||||
| CVE-2017-12668 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
|
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.
|
|||||
| CVE-2016-10050 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
|
|||||
| CVE-2017-11537 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in coders/palm.c, related to an incorrect bits-per-pixel calculation.
|
|||||
| CVE-2017-17882 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted XPM image file.
|
|||||
| CVE-2017-14531 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2025-04-20 | 7.1 HIGH | 6.5 MEDIUM |
|
ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c.
|
|||||
| CVE-2017-14175 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2025-04-20 | 7.1 HIGH | 6.5 MEDIUM |
|
In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop.
|
|||||
| CVE-2017-17883 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPGXImage in coders/pgx.c, which allows attackers to cause a denial of service via a crafted PGX image file.
|
|||||