Vulnerabilities > Imagemagick > Imagemagick > 6.9.9.33
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-02-05 | CVE-2019-7395 | Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c. | 5.0 |
2018-12-26 | CVE-2018-20467 | Infinite Loop vulnerability in multiple products In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. | 4.3 |
2018-09-09 | CVE-2018-16750 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found. | 4.3 |
2018-09-09 | CVE-2018-16749 | NULL Pointer Dereference vulnerability in multiple products In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file. | 4.3 |
2018-09-01 | CVE-2018-16329 | NULL Pointer Dereference vulnerability in Imagemagick In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c. | 7.5 |
2018-09-01 | CVE-2018-16328 | NULL Pointer Dereference vulnerability in Imagemagick In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c. | 7.5 |
2018-09-01 | CVE-2018-16323 | Information Exposure vulnerability in multiple products ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. | 4.3 |
2018-01-30 | CVE-2018-6405 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. | 4.3 |
2017-07-19 | CVE-2017-11450 | Improper Input Validation vulnerability in Imagemagick coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short. | 6.8 |
2017-07-19 | CVE-2017-11449 | Improper Input Validation vulnerability in Imagemagick coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin. | 6.8 |