Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:imagemagick:imagemagick:-:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 244 matching records.
Displaying matches 101 through 120.
Vuln ID Summary CVSS Severity
CVE-2017-11478

The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image.

Published: July 20, 2017; 12:29:00 PM -0400
V3.0: 6.5 MEDIUM
V2.0: 7.1 HIGH
CVE-2017-11450

coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.

Published: July 19, 2017; 3:29:00 AM -0400
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2017-11449

coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.

Published: July 19, 2017; 3:29:00 AM -0400
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2017-11448

The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.

Published: July 19, 2017; 3:29:00 AM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-11447

The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service.

Published: July 19, 2017; 3:29:00 AM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-11352

In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144.

Published: July 17, 2017; 9:18:21 AM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-9098

ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c.

Published: May 19, 2017; 3:29:00 PM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2016-7540

coders/rgf.c in ImageMagick before 6.9.4-10 allows remote attackers to cause a denial of service (assertion failure) by converting an image to rgf format.

Published: April 20, 2017; 2:59:01 PM -0400
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-7538

coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.

Published: April 20, 2017; 2:59:01 PM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-7536

magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted profile.

Published: April 20, 2017; 2:59:01 PM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-7535

coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file.

Published: April 20, 2017; 2:59:01 PM -0400
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-7534

The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file.

Published: April 20, 2017; 2:59:01 PM -0400
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-7532

coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.

Published: April 20, 2017; 2:59:01 PM -0400
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-7530

The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file.

Published: April 20, 2017; 2:59:01 PM -0400
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-7527

coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.

Published: April 20, 2017; 2:59:01 PM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-7526

coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.

Published: April 20, 2017; 2:59:01 PM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-7525

Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.

Published: April 20, 2017; 2:59:01 PM -0400
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-7521

Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.

Published: April 20, 2017; 2:59:01 PM -0400
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-7520

Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted HDR file.

Published: April 20, 2017; 2:59:01 PM -0400
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-7518

The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file.

Published: April 20, 2017; 2:59:01 PM -0400
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM