National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): ImageMagick
There are 449 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2018-6930

A stack-based buffer over-read in the ComputeResizeImage function in the MagickCore/accelerate.c file of ImageMagick 7.0.7-22 allows a remote attacker to cause a denial of service (application crash) via a maliciously crafted pict file.

Published: February 13, 2018; 12:29:00 AM -05:00
(not available)
CVE-2018-1000041

GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appear to be exploitable via The victim must process a specially crafted SVG file containing an UNC path on Windows.

Published: February 09, 2018; 06:29:01 PM -05:00
(not available)
CVE-2018-6876

THe OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote attackers to cause a denial of service (stack-based buffer under-read) via a crafted bmp image.

Published: February 09, 2018; 01:29:00 PM -05:00
(not available)
CVE-2018-6405

In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service.

Published: January 30, 2018; 04:29:00 PM -05:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-18029

In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.

Published: January 12, 2018; 03:29:00 PM -05:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-18028

In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.

Published: January 12, 2018; 03:29:00 PM -05:00
V3: 6.5 MEDIUM
V2: 7.1 HIGH
CVE-2017-18027

In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.

Published: January 12, 2018; 03:29:00 PM -05:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-5358

ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c.

Published: January 12, 2018; 04:29:00 AM -05:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-5357

ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c.

Published: January 12, 2018; 04:29:00 AM -05:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-5248

In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function.

Published: January 05, 2018; 02:29:00 PM -05:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2018-5247

In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.

Published: January 05, 2018; 02:29:00 PM -05:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-5246

In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.

Published: January 05, 2018; 02:29:00 PM -05:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-18022

In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.

Published: January 05, 2018; 02:29:00 PM -05:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-1000476

ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.

Published: January 03, 2018; 01:29:00 PM -05:00
V3: 6.5 MEDIUM
V2: 7.1 HIGH
CVE-2017-1000445

ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service

Published: January 02, 2018; 10:29:00 AM -05:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-18008

In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c.

Published: January 01, 2018; 03:29:00 AM -05:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-17934

ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls.

Published: December 27, 2017; 12:08:22 PM -05:00
V3: 6.5 MEDIUM
V2: 5.0 MEDIUM
CVE-2017-17914

In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file.

Published: December 27, 2017; 12:08:22 PM -05:00
V3: 6.5 MEDIUM
V2: 7.1 HIGH
CVE-2017-17887

In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function GetImagePixelCache in magick/cache.c, which allows attackers to cause a denial of service via a crafted MNG image file that is processed by ReadOneMNGImage.

Published: December 27, 2017; 12:08:21 PM -05:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-17886

In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service via a crafted psd image file.

Published: December 27, 2017; 12:08:21 PM -05:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM