Total
645 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-19948 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c. | |||||
CVE-2019-19949 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare. | |||||
CVE-2019-18853 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2. | |||||
CVE-2014-1947 | 2 Imagemagick, Suse | 4 Imagemagick, Linux Enterprise Desktop, Linux Enterprise Server and 1 more | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030. | |||||
CVE-2019-16713 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c. | |||||
CVE-2019-9956 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file. | |||||
CVE-2019-11597 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 5.8 MEDIUM | 8.1 HIGH |
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. | |||||
CVE-2019-13391 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels. | |||||
CVE-2019-13302 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/fourier.c in ComplexImages. | |||||
CVE-2019-13308 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage. | |||||
CVE-2019-15139 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472. | |||||
CVE-2019-14981 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file. | |||||
CVE-2019-7175 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c. | |||||
CVE-2017-12806 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service. | |||||
CVE-2019-13311 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error. | |||||
CVE-2019-13296 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value. | |||||
CVE-2019-13454 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c. | |||||
CVE-2019-12976 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c. | |||||
CVE-2019-13136 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c. | |||||
CVE-2019-13306 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors. |