Vulnerabilities > Imagemagick

DATE CVE VULNERABILITY TITLE RISK
2019-03-24 CVE-2019-9956 Out-of-bounds Write vulnerability in multiple products
In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file.
network
low complexity
imagemagick debian CWE-787
8.8
8.8
2019-03-07 CVE-2019-7175 Memory Leak vulnerability in multiple products
In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.
network
low complexity
imagemagick opensuse debian canonical CWE-401
7.5
7.5
2019-02-05 CVE-2019-7398 Memory Leak vulnerability in multiple products
In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.
network
low complexity
imagemagick opensuse debian canonical CWE-401
7.5
7.5
2019-02-05 CVE-2019-7397 Memory Leak vulnerability in multiple products
In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. 		7.5
7.5
2019-02-05 CVE-2019-7396 Memory Leak vulnerability in multiple products
In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.
network
low complexity
imagemagick opensuse debian canonical CWE-401
7.5
7.5
2019-02-05 CVE-2019-7395 Memory Leak vulnerability in multiple products
In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.
network
low complexity
imagemagick opensuse debian canonical CWE-401
7.5
7.5
2018-12-26 CVE-2018-20467 Infinite Loop vulnerability in multiple products
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption.
network
low complexity
imagemagick opensuse debian canonical CWE-835
6.5
6.5
2018-10-21 CVE-2018-18544 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31.
network
low complexity
imagemagick graphicsmagick opensuse CWE-772
6.5
6.5
2018-10-07 CVE-2018-18025 Out-of-bounds Read vulnerability in multiple products
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file.
network
low complexity
imagemagick debian CWE-125
6.5
6.5
2018-10-07 CVE-2018-18024 Infinite Loop vulnerability in Imagemagick 7.0.813
In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file.
network
low complexity
imagemagick CWE-835
6.5
6.5