Vulnerabilities > Imagemagick > Imagemagick > 7.0.5.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-19 | CVE-2017-11450 | Improper Input Validation vulnerability in Imagemagick coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short. | 6.8 |
| 2017-07-19 | CVE-2017-11449 | Improper Input Validation vulnerability in Imagemagick coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin. | 6.8 |
| 2017-07-19 | CVE-2017-11448 | Information Exposure vulnerability in Imagemagick The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file. | 4.3 |
| 2017-07-19 | CVE-2017-11447 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service. | 4.3 |
| 2017-07-17 | CVE-2017-11352 | In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. | 4.3 |
| 2017-04-18 | CVE-2017-7943 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file. | 4.3 |
| 2017-04-18 | CVE-2017-7942 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.54 The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file. | 4.3 |
| 2017-04-18 | CVE-2017-7941 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file. | 4.3 |
| 2017-04-09 | CVE-2017-7606 | Improper Input Validation vulnerability in Imagemagick 7.0.54 coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 4.3 |