Max CVSS 6.8 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-25665 4.3
The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it needs to be offset by 256. This can cause a out-of-bounds read later on in the routine. The patch adds 256 to bytes_per_row
11-03-2023 - 23:15 08-12-2020 - 21:15
CVE-2020-27750 4.3
A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `uns
11-03-2023 - 23:15 08-12-2020 - 22:15
CVE-2020-25674 4.3
WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values
11-03-2023 - 23:15 08-12-2020 - 22:15
CVE-2020-29599 6.8
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible
11-03-2023 - 23:15 07-12-2020 - 20:15
CVE-2020-27773 4.3
A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` or division by zero.
11-03-2023 - 23:15 04-12-2020 - 22:15
CVE-2020-27765 4.3
A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to applic
11-03-2023 - 23:15 04-12-2020 - 15:15
CVE-2020-27763 4.3
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to applica
11-03-2023 - 23:15 03-12-2020 - 17:15
CVE-2020-27760 4.3
In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch
11-03-2023 - 23:15 03-12-2020 - 17:15
CVE-2020-19667 6.8
Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7.
11-03-2023 - 23:15 20-11-2020 - 16:15
CVE-2020-27560 4.3
ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service.
11-03-2023 - 23:15 22-10-2020 - 14:15
CVE-2017-14528 4.3
The TIFFSetProfiles function in coders/tiff.c in ImageMagick 7.0.6 has incorrect expectations about whether LibTIFF TIFFGetField return values imply that data validation has occurred, which allows remote attackers to cause a denial of service (use-af
04-03-2021 - 20:34 18-09-2017 - 00:29
CVE-2020-29599 None
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible
07-12-2020 - 20:15 07-12-2020 - 20:15
Back to Top Mark selected
Back to Top