Vulnerabilities > Imagemagick > Imagemagick > 6.9.11.53

DATE CVE VULNERABILITY TITLE RISK
2019-10-14 CVE-2019-17547 Use After Free vulnerability in Imagemagick
In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free.
network
low complexity
imagemagick CWE-416
8.8
8.8
2019-07-01 CVE-2019-13136 Integer Overflow or Wraparound vulnerability in Imagemagick
ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c.
local
low complexity
imagemagick CWE-190
7.8
7.8
2018-09-01 CVE-2018-16329 NULL Pointer Dereference vulnerability in Imagemagick
In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.
network
low complexity
imagemagick CWE-476
critical
 9.8
9.8
2018-09-01 CVE-2018-16328 NULL Pointer Dereference vulnerability in Imagemagick
In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.
network
low complexity
imagemagick CWE-476
critical
 9.8
9.8
2017-07-19 CVE-2017-11447 Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick
The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service.
network
low complexity
imagemagick CWE-772
6.5
6.5
2017-04-20 CVE-2016-7514 Out-of-bounds Read vulnerability in Imagemagick
The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
network
low complexity
imagemagick CWE-125
6.5
6.5
2017-04-19 CVE-2016-7531 Out-of-bounds Write vulnerability in Imagemagick
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB file.
network
low complexity
imagemagick CWE-787
6.5
6.5
2017-03-02 CVE-2016-10062 7PK - Errors vulnerability in Imagemagick
The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
local
low complexity
imagemagick CWE-388
5.5
5.5
2016-12-13 CVE-2016-5841 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable.
network
low complexity
imagemagick oracle CWE-190
critical
 9.8
9.8
2016-06-10 CVE-2016-5118 The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
network
low complexity
graphicsmagick suse oracle opensuse canonical debian imagemagick
critical
 9.8
9.8