Max CVSS 6.8 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-29599 6.8
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible
29-03-2021 - 19:40 07-12-2020 - 20:15
CVE-2020-29599 None
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible
07-12-2020 - 20:15 07-12-2020 - 20:15
CVE-2019-9956 6.8
In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file.
24-08-2020 - 17:37 24-03-2019 - 00:29
CVE-2012-1798 4.3
The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.
31-07-2020 - 18:43 05-06-2012 - 22:55
CVE-2016-3718 4.3
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
09-10-2018 - 20:00 05-05-2016 - 18:59
CVE-2016-5240 4.3
The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file.
18-05-2018 - 01:29 27-02-2017 - 22:59
Back to Top Mark selected
Back to Top