Vulnerabilities > Imagemagick > Imagemagick > 6.9.12.31

DATE CVE VULNERABILITY TITLE RISK
2020-12-08 CVE-2020-25663 Unspecified vulnerability in Imagemagick
A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed() or GetPixelBlue() was called.
local
low complexity
imagemagick
5.5
5.5
2019-10-14 CVE-2019-17547 Use After Free vulnerability in Imagemagick
In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free.
network
low complexity
imagemagick CWE-416
8.8
8.8
2019-07-01 CVE-2019-13136 Integer Overflow or Wraparound vulnerability in Imagemagick
ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c.
local
low complexity
imagemagick CWE-190
7.8
7.8
2018-09-01 CVE-2018-16329 NULL Pointer Dereference vulnerability in Imagemagick
In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.
network
low complexity
imagemagick CWE-476
critical
 9.8
9.8
2018-09-01 CVE-2018-16328 NULL Pointer Dereference vulnerability in Imagemagick
In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.
network
low complexity
imagemagick CWE-476
critical
 9.8
9.8
2017-07-19 CVE-2017-11447 Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick
The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service.
network
low complexity
imagemagick CWE-772
6.5
6.5
2017-04-20 CVE-2016-7514 Out-of-bounds Read vulnerability in Imagemagick
The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
network
low complexity
imagemagick CWE-125
6.5
6.5
2017-04-19 CVE-2016-7531 Out-of-bounds Write vulnerability in Imagemagick
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB file.
network
low complexity
imagemagick CWE-787
6.5
6.5
2017-03-02 CVE-2016-10062 7PK - Errors vulnerability in Imagemagick
The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
local
low complexity
imagemagick CWE-388
5.5
5.5
2016-12-13 CVE-2016-5841 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable.
network
low complexity
imagemagick oracle CWE-190
critical
 9.8
9.8