Total
645 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-13137 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c. | |||||
CVE-2019-13133 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c. | |||||
CVE-2019-12977 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c. | |||||
CVE-2017-12805 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service. | |||||
CVE-2019-13134 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c. | |||||
CVE-2019-10131 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2023-12-10 | 3.6 LOW | 7.1 HIGH |
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program. | |||||
CVE-2019-13310 | 3 Canonical, Imagemagick, Opensuse | 3 Ubuntu Linux, Imagemagick, Leap | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c. | |||||
CVE-2019-13135 | 4 Canonical, Debian, F5 and 1 more | 5 Ubuntu Linux, Debian Linux, Big-ip Application Acceleration Manager and 2 more | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c. | |||||
CVE-2019-10650 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2023-12-10 | 5.8 MEDIUM | 8.1 HIGH |
In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file. | |||||
CVE-2019-12979 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c. | |||||
CVE-2019-13303 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/composite.c in CompositeImage. | |||||
CVE-2019-11470 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 7.1 HIGH | 6.5 MEDIUM |
The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file. | |||||
CVE-2018-16645 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image file. | |||||
CVE-2018-18024 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. | |||||
CVE-2018-14551 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption. | |||||
CVE-2018-18016 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in coders/pcx.c. | |||||
CVE-2018-18023 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file. | |||||
CVE-2018-18025 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file. | |||||
CVE-2018-17965 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c. | |||||
CVE-2018-14435 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c. |