Vulnerabilities > Imagemagick

DATE CVE VULNERABILITY TITLE RISK
2019-09-23 CVE-2019-16712 Memory Leak vulnerability in multiple products
ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.
network
low complexity
imagemagick opensuse CWE-401
6.5
2019-09-23 CVE-2019-16711 Memory Leak vulnerability in multiple products
ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.
network
low complexity
imagemagick debian opensuse canonical CWE-401
6.5
2019-09-23 CVE-2019-16710 Memory Leak vulnerability in multiple products
ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.
network
low complexity
imagemagick debian opensuse canonical CWE-401
6.5
2019-09-23 CVE-2019-16709 Memory Leak vulnerability in multiple products
ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.
network
low complexity
imagemagick opensuse canonical CWE-401
6.5
2019-09-23 CVE-2019-16708 Memory Leak vulnerability in multiple products
ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.
network
low complexity
imagemagick canonical opensuse debian CWE-401
6.5
2019-08-18 CVE-2019-15141 Out-of-bounds Read vulnerability in multiple products
WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF.
network
low complexity
imagemagick opensuse CWE-125
6.5
2019-08-18 CVE-2019-15140 Use After Free vulnerability in Imagemagick 7.0.843
coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.
network
low complexity
imagemagick CWE-416
8.8
2019-08-18 CVE-2019-15139 Out-of-bounds Read vulnerability in Imagemagick 7.0.841
The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.
network
low complexity
imagemagick CWE-125
6.5
2019-08-12 CVE-2019-14981 Divide By Zero vulnerability in multiple products
In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function.
network
low complexity
imagemagick debian canonical opensuse CWE-369
6.5
2019-08-12 CVE-2019-14980 Use After Free vulnerability in multiple products
In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file.
network
low complexity
imagemagick opensuse CWE-416
6.5