National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): ImageMagick
There are 483 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2018-14551

The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption.

Published: July 23, 2018; 04:29:00 AM -04:00
(not available)
CVE-2018-14437

ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c.

Published: July 19, 2018; 08:29:00 PM -04:00
(not available)
CVE-2018-14436

ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c.

Published: July 19, 2018; 08:29:00 PM -04:00
(not available)
CVE-2018-14435

ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c.

Published: July 19, 2018; 08:29:00 PM -04:00
(not available)
CVE-2018-14434

ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c.

Published: July 19, 2018; 08:29:00 PM -04:00
(not available)
CVE-2018-13153

In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c.

Published: July 04, 2018; 10:29:00 PM -04:00
(not available)
CVE-2018-12600

In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.

Published: June 20, 2018; 02:29:00 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2018-12599

In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.

Published: June 20, 2018; 02:29:00 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2018-11656

In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file.

Published: June 01, 2018; 11:29:00 AM -04:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-11655

In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file.

Published: June 01, 2018; 11:29:00 AM -04:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-10571

bkjs-wand is imagemagick wand support for node.js and backendjs bkjs-wand versions lower than 0.3.2 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server.

Published: May 31, 2018; 04:29:02 PM -04:00
V3: 8.1 HIGH
V2: 9.3 HIGH
CVE-2018-11625

In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.

Published: May 31, 2018; 12:29:00 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2018-11624

In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c allows attackers to cause a use after free via a crafted file.

Published: May 31, 2018; 12:29:00 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2018-11251

In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service (application crash in SetGrayscaleImage in MagickCore/quantize.c) via a crafted SUN image file.

Published: May 18, 2018; 03:29:00 PM -04:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-18273

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call.

Published: May 18, 2018; 03:29:00 PM -04:00
V3: 6.5 MEDIUM
V2: 7.1 HIGH
CVE-2017-18272

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a use-after-free in ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted MNG image file that is mishandled in an MngInfoDiscardObject call.

Published: May 18, 2018; 03:29:00 PM -04:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-18271

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file.

Published: May 18, 2018; 03:29:00 PM -04:00
V3: 6.5 MEDIUM
V2: 7.1 HIGH
CVE-2018-10805

ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.

Published: May 08, 2018; 03:29:00 AM -04:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-10804

ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c.

Published: May 08, 2018; 03:29:00 AM -04:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-10177

In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted mng file.

Published: April 16, 2018; 07:29:00 PM -04:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM