Vulnerabilities > Graphicsmagick > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-22 | CVE-2017-13064 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12. | 6.5 |
| 2017-08-22 | CVE-2017-13063 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12. | 6.5 |
| 2017-07-28 | CVE-2017-11722 | Out-of-bounds Read vulnerability in Graphicsmagick 1.3.26 The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. | 6.5 |
| 2017-07-18 | CVE-2017-11403 | Use After Free vulnerability in Graphicsmagick 1.3.26 The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file. | 6.8 |
| 2017-07-07 | CVE-2017-11102 | Improper Input Validation vulnerability in Graphicsmagick 1.3.26 The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (application crash) during JNG reading via a zero-length color_image data structure. | 5.0 |
| 2017-07-03 | CVE-2017-10800 | Resource Exhaustion vulnerability in Graphicsmagick 1.3.25 When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data. | 4.3 |
| 2017-07-03 | CVE-2017-10799 | Resource Exhaustion vulnerability in Graphicsmagick 1.3.25 When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage(). | 4.3 |
| 2017-07-02 | CVE-2017-10794 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Graphicsmagick 1.3.25 When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode. | 4.3 |
| 2017-05-19 | CVE-2017-9098 | Use of Uninitialized Resource vulnerability in multiple products ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. | 5.0 |
| 2017-03-14 | CVE-2017-6335 | Out-of-bounds Read vulnerability in Graphicsmagick The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file. | 4.3 |