CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Imagemagick » Imagemagick : Security Vulnerabilities (CVSS score between 4 and 4.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-16713 772 2019-09-23 2019-09-23
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.
2 CVE-2019-16712 772 2019-09-23 2019-09-23
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.
3 CVE-2019-16711 772 2019-09-23 2019-09-23
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.
4 CVE-2019-16710 772 2019-09-23 2019-09-23
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.
5 CVE-2019-16709 772 2019-09-23 2019-09-23
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.
6 CVE-2019-16708 772 2019-09-23 2019-09-23
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.
7 CVE-2019-15141 125 2019-08-18 2019-08-22
4.3
None Remote Medium Not required None None Partial
WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597.
8 CVE-2019-15139 125 2019-08-18 2019-08-28
4.3
None Remote Medium Not required None None Partial
The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.
9 CVE-2019-14981 369 DoS 2019-08-12 2019-08-16
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.
10 CVE-2019-14980 416 DoS 2019-08-12 2019-08-16
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file.
11 CVE-2019-13454 369 2019-07-09 2019-08-21
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.
12 CVE-2019-13311 399 2019-07-04 2019-08-21
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.
13 CVE-2019-13310 399 2019-07-04 2019-08-21
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.
14 CVE-2019-13309 399 2019-07-04 2019-08-21
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.
15 CVE-2019-13301 399 2019-07-04 2019-08-21
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.
16 CVE-2019-13296 399 2019-07-04 2019-08-21
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value.
17 CVE-2019-13137 399 2019-07-01 2019-08-21
4.3
None Remote Medium Not required None None Partial
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.
18 CVE-2019-13134 399 2019-07-01 2019-08-21
4.3
None Remote Medium Not required None None Partial
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c.
19 CVE-2019-13133 399 2019-07-01 2019-08-21
4.3
None Remote Medium Not required None None Partial
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c.
20 CVE-2019-12976 399 2019-06-26 2019-06-28
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.
21 CVE-2019-12975 399 2019-06-26 2019-06-28
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.
22 CVE-2019-12974 476 DoS 2019-06-26 2019-06-28
4.3
None Remote Medium Not required None None Partial
A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.
23 CVE-2019-11472 369 2019-04-23 2019-06-24
4.3
None Remote Medium Not required None None Partial
ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.
24 CVE-2019-10714 125 2019-04-02 2019-04-03
4.3
None Remote Medium Not required None None Partial
LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV.
25 CVE-2019-10649 399 DoS 2019-03-30 2019-06-25
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.
26 CVE-2018-20467 835 DoS 2018-12-25 2019-10-02
4.3
None Remote Medium Not required None None Partial
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.
27 CVE-2018-18544 772 2018-10-20 2019-10-02
4.3
None Remote Medium Not required None None Partial
There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31.
28 CVE-2018-18025 125 DoS 2018-10-07 2019-06-25
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file.
29 CVE-2018-18024 835 DoS 2018-10-07 2019-10-02
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.
30 CVE-2018-18023 125 DoS 2018-10-07 2019-06-25
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file.
31 CVE-2018-18016 772 2018-10-05 2019-10-02
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.
32 CVE-2018-17967 772 2018-10-03 2019-10-02
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.7-28 has a memory leak vulnerability in ReadBGRImage in coders/bgr.c.
33 CVE-2018-17966 772 2018-10-03 2019-10-02
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c.
34 CVE-2018-17965 772 2018-10-03 2019-10-02
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c.
35 CVE-2018-16750 772 2018-09-09 2019-10-02
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found.
36 CVE-2018-16749 617 DoS 2018-09-09 2019-10-02
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file.
37 CVE-2018-16645 770 DoS 2018-09-06 2019-10-02
4.3
None Remote Medium Not required None None Partial
There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image file.
38 CVE-2018-16644 20 DoS 2018-09-06 2019-05-03
4.3
None Remote Medium Not required None None Partial
There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.
39 CVE-2018-16643 20 DoS 2018-09-06 2018-10-25
4.3
None Remote Medium Not required None None Partial
The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file.
40 CVE-2018-16642 787 DoS 2018-09-06 2018-10-25
4.3
None Remote Medium Not required None None Partial
The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write.
41 CVE-2018-16641 772 2018-09-06 2019-10-02
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-6 has a memory leak vulnerability in the TIFFWritePhotoshopLayers function in coders/tiff.c.
42 CVE-2018-16640 772 2018-09-06 2019-10-02
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c.
43 CVE-2018-16323 200 +Info 2018-09-01 2019-06-25
4.3
None Remote Medium Not required Partial None None
ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data.
44 CVE-2018-14437 772 2018-07-19 2019-10-02
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c.
45 CVE-2018-14436 772 2018-07-19 2019-10-02
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c.
46 CVE-2018-14435 772 2018-07-19 2019-10-02
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c.
47 CVE-2018-14434 772 2018-07-19 2019-10-02
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c.
48 CVE-2018-13153 772 2018-07-04 2019-10-02
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c.
49 CVE-2018-11656 772 DoS 2018-06-01 2019-10-02
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file.
50 CVE-2018-11655 772 DoS 2018-06-01 2019-10-02
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file.
Total number of vulnerabilities : 296   Page : 1 (This Page)2 3 4 5 6
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.