Vulnerabilities > Graphicsmagick > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-28 | CVE-2022-1270 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In GraphicsMagick, a heap buffer overflow was found when parsing MIFF. | 7.8 |
| 2020-05-06 | CVE-2020-12672 | Out-of-bounds Write vulnerability in multiple products GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c. | 7.5 |
| 2020-03-24 | CVE-2020-10938 | Integer Overflow or Wraparound vulnerability in multiple products GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c. | 7.5 |
| 2019-04-24 | CVE-2019-11506 | Out-of-bounds Write vulnerability in multiple products In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. | 8.8 |
| 2019-04-24 | CVE-2019-11505 | Out-of-bounds Write vulnerability in multiple products In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. | 8.8 |
| 2019-04-08 | CVE-2019-11008 | Out-of-bounds Write vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. | 8.8 |
| 2019-04-08 | CVE-2019-11007 | Out-of-bounds Read vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap. | 8.1 |
| 2019-04-08 | CVE-2019-11005 | Out-of-bounds Write vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value. | 7.5 |
| 2018-03-05 | CVE-2017-18220 | Use After Free vulnerability in Graphicsmagick 1.3.26 The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 allow remote attackers to cause a denial of service (magick/blob.c CloseBlob use-after-free) or possibly have unspecified other impact via a crafted file, a related issue to CVE-2017-11403. | 8.8 |
| 2018-02-07 | CVE-2018-6799 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used. | 8.8 |