Vulnerabilities > Imagemagick > Imagemagick > 6.9.10.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-01 | CVE-2019-13135 | Use of Uninitialized Resource vulnerability in multiple products ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c. | 8.8 |
2019-04-02 | CVE-2019-10714 | Out-of-bounds Read vulnerability in Imagemagick LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV. | 4.3 |
2019-03-07 | CVE-2019-7175 | Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c. | 5.0 |
2019-02-05 | CVE-2019-7398 | Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c. | 5.0 |
2019-02-05 | CVE-2019-7397 | Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. | 5.0 |
2019-02-05 | CVE-2019-7396 | Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c. | 5.0 |
2019-02-05 | CVE-2019-7395 | Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c. | 5.0 |
2018-12-26 | CVE-2018-20467 | Infinite Loop vulnerability in multiple products In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. | 4.3 |
2018-09-01 | CVE-2018-16323 | Information Exposure vulnerability in multiple products ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. | 4.3 |
2017-01-18 | CVE-2016-6823 | Integer Overflow or Wraparound vulnerability in Imagemagick Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write. | 5.0 |