ImageMagick (SUSE:Linux Enterprise Server 12 SP2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 12 SP2 package ImageMagick, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (200)
CVE-2017-13139 — CVSS 9.8 (critical): In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG…
CVE-2016-10144 — CVSS 9.8 (critical): coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.
CVE-2016-10145 — CVSS 9.8 (critical): Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.
CVE-2017-18211 — CVSS 9.8 (critical): In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a…
CVE-2017-5511 — CVSS 9.8 (critical): coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based…
CVE-2017-14138 — CVSS 9.8 (critical): ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases…
CVE-2017-16669 — CVSS 8.8 (high): coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application…
CVE-2017-13146 — CVSS 8.8 (high): In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.
CVE-2017-13147 — CVSS 8.8 (high): In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file…
CVE-2018-8804 — CVSS 8.8 (high): WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double…
CVE-2017-11170 — CVSS 8.8 (high): The ReadTGAImage function in coders\tga.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via…
CVE-2017-14103 — CVSS 8.8 (high): The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain…
CVE-2017-11403 — CVSS 8.8 (high): The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a…
CVE-2017-14224 — CVSS 8.8 (high): A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of…
CVE-2017-11449 — CVSS 8.8 (high): coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote…
CVE-2017-11450 — CVSS 8.8 (high): coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have…
CVE-2017-12587 — CVSS 8.8 (high): ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage function in coders\pwp.c.
CVE-2017-12640 — CVSS 8.8 (high): ImageMagick 7.0.6-1 has an out-of-bounds read vulnerability in ReadOneMNGImage in coders/png.c.
CVE-2017-14682 — CVSS 8.8 (high): GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow…
CVE-2017-15281 — CVSS 8.8 (high): ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly…
CVE-2017-15930 — CVSS 8.8 (high): In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related…
CVE-2017-16352 — CVSS 8.8 (high): GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of…
CVE-2017-16545 — CVSS 8.8 (high): The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote…
CVE-2017-16546 — CVSS 8.8 (high): The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which…
CVE-2016-8862 — CVSS 8.8 (high): The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact…
CVE-2017-12935 — CVSS 8.8 (high): The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the…
CVE-2017-12983 — CVSS 8.8 (high): Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of…
CVE-2016-8866 — CVSS 8.8 (high): The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified…
CVE-2017-11638 — CVSS 8.8 (high): GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image…
CVE-2017-11642 — CVSS 8.8 (high): GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped…
CVE-2017-18209 — CVSS 8.8 (high): In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs…
CVE-2017-17879 — CVSS 8.8 (high): In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length…
CVE-2017-14607 — CVSS 8.1 (high): In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could…
CVE-2016-10065 — CVSS 7.8 (high): The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application…
CVE-2016-10049 — CVSS 7.8 (high): Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of…
CVE-2016-10050 — CVSS 7.8 (high): Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of…
CVE-2016-10059 — CVSS 7.8 (high): Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or…
CVE-2016-10063 — CVSS 7.8 (high): Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or…
CVE-2016-8707 — CVSS 7.8 (high): An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF…
CVE-2016-10064 — CVSS 7.8 (high): Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or…
CVE-2017-5510 — CVSS 7.8 (high): coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds…
CVE-2016-10051 — CVSS 7.8 (high): Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial…
CVE-2017-5506 — CVSS 7.8 (high): Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
CVE-2016-10052 — CVSS 7.8 (high): Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of…
CVE-2017-12429 — CVSS 7.5 (high): In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers…
CVE-2016-6823 — CVSS 7.5 (high): Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted…
CVE-2014-9848 — CVSS 7.5 (high): Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
CVE-2017-12430 — CVSS 7.5 (high): In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to…
CVE-2017-11188 — CVSS 7.5 (high): The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted…
CVE-2016-10048 — CVSS 7.5 (high): Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via…
CVE-2016-10146 — CVSS 7.5 (high): Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory…
CVE-2017-9098 — CVSS 7.5 (high): ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak…
CVE-2017-5507 — CVSS 7.5 (high): Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service…
CVE-2017-12435 — CVSS 7.5 (high): In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage in coders/sun.c, which allows attackers to…
CVE-2017-14739 — CVSS 7.5 (high): The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which…
CVE-2017-12418 — CVSS 7.5 (high): ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in…
CVE-2017-12428 — CVSS 7.5 (high): In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause…
CVE-2017-14042 — CVSS 6.5 (medium): A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes…
CVE-2017-14060 — CVSS 6.5 (medium): In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an…
CVE-2017-14172 — CVSS 6.5 (medium): In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU…
CVE-2017-14173 — CVSS 6.5 (medium): In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation…
CVE-2017-14174 — CVSS 6.5 (medium): In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU…
CVE-2017-14175 — CVSS 6.5 (medium): In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU…
CVE-2017-14249 — CVSS 6.5 (medium): ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in…
CVE-2017-14314 — CVSS 6.5 (medium): Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service…
CVE-2017-14326 — CVSS 6.5 (medium): In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to…
CVE-2017-14341 — CVSS 6.5 (medium): ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file.
CVE-2017-14342 — CVSS 6.5 (medium): ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file.
CVE-2017-14343 — CVSS 6.5 (medium): ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file.
CVE-2017-14505 — CVSS 6.5 (medium): DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform…
CVE-2017-14733 — CVSS 6.5 (medium): ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to…
CVE-2017-14989 — CVSS 6.5 (medium): A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a…
CVE-2017-15277 — CVSS 6.5 (medium): ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file…
CVE-2017-16353 — CVSS 6.5 (medium): GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the…
CVE-2017-8353 — CVSS 6.5 (medium): In ImageMagick 7.0.5-5, the ReadPICTImage function in pict.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2016-10060 — CVSS 6.5 (medium): The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc…
CVE-2016-10061 — CVSS 6.5 (medium): The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which…
CVE-2016-7530 — CVSS 6.5 (medium): The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write)…
CVE-2016-9559 — CVSS 6.5 (medium): coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a…
CVE-2017-1000445 — CVSS 6.5 (medium): ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of…
CVE-2017-1000476 — CVSS 6.5 (medium): ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to…
CVE-2017-11141 — CVSS 6.5 (medium): The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a…
CVE-2017-11166 — CVSS 6.5 (medium): The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a…
CVE-2017-11446 — CVSS 6.5 (medium): The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has an infinite loop vulnerability that can cause CPU exhaustion via a…
CVE-2017-11448 — CVSS 6.5 (medium): The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from…
CVE-2017-11478 — CVSS 6.5 (medium): The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a…
CVE-2017-11505 — CVSS 6.5 (medium): The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a…
CVE-2017-11523 — CVSS 6.5 (medium): The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial…
CVE-2017-11524 — CVSS 6.5 (medium): The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial…
CVE-2017-11525 — CVSS 6.5 (medium): The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of…
CVE-2017-11526 — CVSS 6.5 (medium): The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial…
CVE-2017-11527 — CVSS 6.5 (medium): The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of…
CVE-2017-11528 — CVSS 6.5 (medium): The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of…
CVE-2017-11529 — CVSS 6.5 (medium): The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of…
CVE-2017-11530 — CVSS 6.5 (medium): The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of…
CVE-2017-11531 — CVSS 6.5 (medium): When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteHISTOGRAMImage() function in…
CVE-2017-11533 — CVSS 6.5 (medium): When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage() function…
CVE-2017-11534 — CVSS 6.5 (medium): When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the lite_font_map() function in coders/wmf.c.
CVE-2017-11535 — CVSS 6.5 (medium): When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WritePSImage() function…
CVE-2017-11537 — CVSS 6.5 (medium): When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage()…
CVE-2017-11539 — CVSS 6.5 (medium): When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage() function in…
CVE-2017-11639 — CVSS 6.5 (medium): When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteCIPImage() function…
CVE-2017-11640 — CVSS 6.5 (medium): When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function…
CVE-2017-11644 — CVSS 6.5 (medium): When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadMATImage() function in coders/mat.c.
CVE-2017-11724 — CVSS 6.5 (medium): The ReadMATImage function in coders/mat.c in ImageMagick through 6.9.9-3 and 7.x through 7.0.6-3 has memory leaks involving the…
CVE-2017-11750 — CVSS 6.5 (medium): The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and 7.0.6-4 allows remote attackers to cause a denial of service (NULL…
CVE-2017-11751 — CVSS 6.5 (medium): The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via…
CVE-2017-11752 — CVSS 6.5 (medium): The ReadMAGICKImage function in coders/magick.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak)…
CVE-2017-12140 — CVSS 6.5 (medium): The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consumption…
CVE-2017-12427 — CVSS 6.5 (medium): The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to cause a…
CVE-2017-12431 — CVSS 6.5 (medium): In ImageMagick 7.0.6-1, a use-after-free vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to…
CVE-2017-12432 — CVSS 6.5 (medium): In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allows attackers to…
CVE-2017-12433 — CVSS 6.5 (medium): In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadPESImage in coders/pes.c, which allows attackers to cause…
CVE-2017-12434 — CVSS 6.5 (medium): In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers…
CVE-2017-12563 — CVSS 6.5 (medium): In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in the function ReadPSDImage in coders/psd.c, which allows attackers to…
CVE-2017-12564 — CVSS 6.5 (medium): In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause…
CVE-2017-12565 — CVSS 6.5 (medium): In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to…
CVE-2017-12566 — CVSS 6.5 (medium): In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMVGImage in coders/mvg.c, which allows attackers to cause…
CVE-2017-12654 — CVSS 6.5 (medium): The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 allows attackers to cause a denial of service (memory leak) via a…
CVE-2017-12670 — CVSS 6.5 (medium): In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion failure in the function DestroyImage in…
CVE-2017-12671 — CVSS 6.5 (medium): In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, leading to an invalid free in the function…
CVE-2017-12672 — CVSS 6.5 (medium): In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause…
CVE-2017-12673 — CVSS 6.5 (medium): In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneMNGImage in coders/png.c, which allows attackers to…
CVE-2017-12674 — CVSS 6.5 (medium): In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to…
CVE-2017-12675 — CVSS 6.5 (medium): In ImageMagick 7.0.6-3, a missing check for multidimensional data was found in coders/mat.c, leading to a memory leak in the function…
CVE-2017-12676 — CVSS 6.5 (medium): In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to…
CVE-2017-12691 — CVSS 6.5 (medium): The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption)…
CVE-2017-12692 — CVSS 6.5 (medium): The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory…
CVE-2017-12693 — CVSS 6.5 (medium): The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption)…
CVE-2017-13058 — CVSS 6.5 (medium): In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to…
CVE-2017-13059 — CVSS 6.5 (medium): In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attackers to…
CVE-2017-13060 — CVSS 6.5 (medium): In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause…
CVE-2017-13061 — CVSS 6.5 (medium): In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows…
CVE-2017-13062 — CVSS 6.5 (medium): In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause…
CVE-2017-13131 — CVSS 6.5 (medium): In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to…
CVE-2017-13133 — CVSS 6.5 (medium): In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of…
CVE-2017-13134 — CVSS 6.5 (medium): In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which…
CVE-2017-13141 — CVSS 6.5 (medium): In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c.
CVE-2017-13142 — CVSS 6.5 (medium): In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for…
CVE-2017-13648 — CVSS 6.5 (medium): In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c.
CVE-2017-13658 — CVSS 6.5 (medium): In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading…
CVE-2017-13768 — CVSS 6.5 (medium): Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to…
CVE-2017-13769 — CVSS 6.5 (medium): The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service…
CVE-2017-9407 — CVSS 6.5 (medium): In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9409 — CVSS 6.5 (medium): In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9439 — CVSS 6.5 (medium): In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of…
CVE-2017-9440 — CVSS 6.5 (medium): In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of…
CVE-2017-9500 — CVSS 6.5 (medium): In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function ResetImageProfileIterator, which allows attackers to cause a…
CVE-2017-9501 — CVSS 6.5 (medium): In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of…
CVE-2018-5685 — CVSS 6.5 (medium): In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers…
CVE-2018-6405 — CVSS 6.5 (medium): In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten…
CVE-2018-7443 — CVSS 6.5 (medium): The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file…
CVE-2018-7470 — CVSS 6.5 (medium): An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial…
CVE-2017-17504 — CVSS 6.5 (medium): ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to…
CVE-2017-17680 — CVSS 6.5 (medium): In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to…
CVE-2017-17681 — CVSS 6.5 (medium): In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows…
CVE-2017-17682 — CVSS 6.5 (medium): In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers…
CVE-2017-17881 — CVSS 6.5 (medium): In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to…
CVE-2017-17882 — CVSS 6.5 (medium): In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to…
CVE-2017-17884 — CVSS 6.5 (medium): In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers…
CVE-2017-17885 — CVSS 6.5 (medium): In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers…
CVE-2017-17914 — CVSS 6.5 (medium): In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a…
CVE-2017-17934 — CVSS 6.5 (medium): ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with…
CVE-2017-18027 — CVSS 6.5 (medium): In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote…
CVE-2017-18028 — CVSS 6.5 (medium): In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote…
CVE-2017-18029 — CVSS 6.5 (medium): In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote…
CVE-2017-7606 — CVSS 6.5 (medium): coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of representable values of type unsigned char" undefined behavior issue…
CVE-2017-7941 — CVSS 6.5 (medium): The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted…
CVE-2017-7942 — CVSS 6.5 (medium): The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted…
CVE-2017-7943 — CVSS 6.5 (medium): The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted…
CVE-2017-8343 — CVSS 6.5 (medium): In ImageMagick 7.0.5-5, the ReadAAIImage function in aai.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-8344 — CVSS 6.5 (medium): In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-8345 — CVSS 6.5 (medium): In ImageMagick 7.0.5-5, the ReadMNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-8346 — CVSS 6.5 (medium): In ImageMagick 7.0.5-5, the ReadDCMImage function in dcm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-8347 — CVSS 6.5 (medium): In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-8348 — CVSS 6.5 (medium): In ImageMagick 7.0.5-5, the ReadMATImage function in mat.c allows attackers to cause a denial of service (memory leak) via a crafted file.