High

DATE	CVE	VULNERABILITY TITLE	RISK
2017-07-26	CVE-2017-11638	Improper Input Validation vulnerability in Graphicsmagick 1.3.26 GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642. network low complexity graphicsmagick CWE-20	8.8
2017-07-26	CVE-2017-11637	NULL Pointer Dereference vulnerability in Graphicsmagick 1.3.26 GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images. network low complexity graphicsmagick CWE-476	7.5
2017-07-26	CVE-2017-11636	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Graphicsmagick 1.3.26 GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical widths. network low complexity graphicsmagick CWE-119	7.5
2017-07-10	CVE-2017-11140	Resource Exhaustion vulnerability in Graphicsmagick 1.3.26 The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files. network graphicsmagick CWE-400	7.1
2017-07-10	CVE-2017-11139	Double Free vulnerability in multiple products GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c. network low complexity graphicsmagick debian CWE-415	7.5
2017-02-06	CVE-2016-7448	Resource Management Errors vulnerability in multiple products The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size. network low complexity graphicsmagick debian opensuse CWE-399	7.8
2017-02-06	CVE-2016-7447	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors. network low complexity graphicsmagick debian opensuse CWE-119	7.5
2017-02-06	CVE-2016-7446	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. network low complexity graphicsmagick debian opensuse CWE-119	7.5
2017-01-18	CVE-2016-7996	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Graphicsmagick Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries. network low complexity graphicsmagick CWE-119	7.5
2009-04-06	CVE-2008-6621	Unspecified vulnerability in Graphicsmagick Unspecified vulnerability in GraphicsMagick before 1.2.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors in DPX images. network low complexity graphicsmagick	7.8