Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Imagemagick Subscribe
Filtered by product Imagemagick
Total 645 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-10928 1 Imagemagick 1 Imagemagick 2019-10-03 6.8 MEDIUM 8.8 HIGH
In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c.
CVE-2017-17885 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file.
CVE-2017-12642 1 Imagemagick 1 Imagemagick 2019-10-03 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMPCImage in coders\mpc.c.
CVE-2017-11525 1 Imagemagick 1 Imagemagick 2019-10-03 7.1 HIGH 6.5 MEDIUM
The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
CVE-2018-11625 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-03 6.8 MEDIUM 8.8 HIGH
In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.
CVE-2017-17882 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted XPM image file.
CVE-2017-9407 1 Imagemagick 1 Imagemagick 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-18008 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c.
CVE-2018-11251 1 Imagemagick 1 Imagemagick 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service (application crash in SetGrayscaleImage in MagickCore/quantize.c) via a crafted SUN image file.
CVE-2017-15032 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-03 7.5 HIGH 9.8 CRITICAL
ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
CVE-2017-11478 1 Imagemagick 1 Imagemagick 2019-10-03 7.1 HIGH 6.5 MEDIUM
The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image.
CVE-2017-12672 1 Imagemagick 1 Imagemagick 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service.
CVE-2018-17966 1 Imagemagick 1 Imagemagick 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c.
CVE-2017-7943 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
CVE-2017-9499 1 Imagemagick 1 Imagemagick 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to cause a denial of service via a crafted file.
CVE-2018-5247 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.
CVE-2017-18028 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-03 7.1 HIGH 6.5 MEDIUM
In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.
CVE-2017-14138 1 Imagemagick 1 Imagemagick 2019-10-03 7.5 HIGH 9.8 CRITICAL
ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors.
CVE-2017-7619 1 Imagemagick 1 Imagemagick 2019-10-03 5.0 MEDIUM 7.5 HIGH
In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv.
CVE-2018-5246 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.