Max CVSS | 7.5 | Min CVSS | 3.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-19949 | 6.4 |
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.
|
31-10-2022 - 14:50 | 24-12-2019 - 01:15 | |
CVE-2019-10131 | 3.6 |
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program.
|
28-10-2021 - 12:20 | 30-04-2019 - 19:29 | |
CVE-2018-20467 | 4.3 |
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.
|
28-04-2021 - 19:14 | 26-12-2018 - 03:29 | |
CVE-2019-19949 | 6.4 |
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.
|
30-09-2020 - 20:15 | 24-12-2019 - 01:15 | |
CVE-2018-14551 | 7.5 |
The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption.
|
24-08-2020 - 17:37 | 23-07-2018 - 08:29 | |
CVE-2019-13297 | 6.8 |
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.
|
19-08-2020 - 18:59 | 05-07-2019 - 01:15 | |
CVE-2019-13295 | 6.8 |
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.
|
19-08-2020 - 18:59 | 05-07-2019 - 01:15 | |
CVE-2019-12979 | 6.8 |
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.
|
19-08-2020 - 18:59 | 26-06-2019 - 18:15 | |
CVE-2019-13454 | 4.3 |
ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.
|
19-08-2020 - 18:58 | 09-07-2019 - 17:15 | |
CVE-2019-14981 | 4.3 |
In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.
|
19-08-2020 - 18:58 | 12-08-2019 - 23:15 | |
CVE-2018-8804 | 6.8 |
WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.
|
19-08-2020 - 02:15 | 20-03-2018 - 05:29 | |
CVE-2018-7443 | 4.3 |
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory fu
|
19-08-2020 - 02:15 | 23-02-2018 - 22:29 | |
CVE-2018-9133 | 4.3 |
ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions (coders/tiff.c), which results in a hang (tens of minutes) with a tiny PoC file. Remote attackers could leverage this vulnerability to cause a denial
|
19-08-2020 - 02:15 | 30-03-2018 - 08:29 | |
CVE-2018-8960 | 6.8 |
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read.
|
19-08-2020 - 02:15 | 23-03-2018 - 21:29 | |
CVE-2017-18252 | 4.3 |
An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (assertion failure and application exit in ReplaceImageInList) via a crafted file.
|
19-08-2020 - 02:15 | 27-03-2018 - 03:29 | |
CVE-2019-12974 | 4.3 |
A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.
|
19-08-2020 - 02:15 | 26-06-2019 - 18:15 | |
CVE-2017-17681 | 7.1 |
In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file.
|
19-08-2020 - 02:15 | 14-12-2017 - 06:29 | |
CVE-2018-18024 | 4.3 |
In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.
|
19-08-2020 - 02:15 | 07-10-2018 - 18:29 | |
CVE-2019-12978 | 6.8 |
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c.
|
19-08-2020 - 02:15 | 26-06-2019 - 18:15 | |
CVE-2019-12977 | 6.8 |
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c.
|
19-08-2020 - 02:15 | 26-06-2019 - 18:15 | |
CVE-2019-11597 | 5.8 |
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.
|
19-08-2020 - 02:15 | 29-04-2019 - 16:29 | |
CVE-2019-11472 | 4.3 |
ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB fir
|
19-08-2020 - 02:15 | 23-04-2019 - 14:29 | |
CVE-2019-11470 | 7.1 |
The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin
|
19-08-2020 - 02:15 | 23-04-2019 - 14:29 | |
CVE-2017-12805 | 5.0 |
In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service.
|
19-08-2020 - 02:15 | 09-05-2019 - 16:29 | |
CVE-2018-10177 | 4.3 |
In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted mng file.
|
19-08-2020 - 02:15 | 16-04-2018 - 23:29 |