Vulnerabilities > Imagemagick

DATE CVE VULNERABILITY TITLE RISK
2018-03-27 CVE-2017-18254 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
An issue was discovered in ImageMagick 7.0.7.
network
low complexity
imagemagick canonical CWE-772
6.5
6.5
2018-03-27 CVE-2017-18253 NULL Pointer Dereference vulnerability in Imagemagick 7.0.7
An issue was discovered in ImageMagick 7.0.7.
network
low complexity
imagemagick CWE-476
6.5
6.5
2018-03-27 CVE-2017-18252 Reachable Assertion vulnerability in multiple products
An issue was discovered in ImageMagick 7.0.7.
network
low complexity
imagemagick canonical CWE-617
6.5
6.5
2018-03-27 CVE-2017-18251 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
An issue was discovered in ImageMagick 7.0.7.
network
low complexity
imagemagick canonical CWE-772
6.5
6.5
2018-03-27 CVE-2017-18250 NULL Pointer Dereference vulnerability in Imagemagick 7.0.70
An issue was discovered in ImageMagick 7.0.7.
network
low complexity
imagemagick CWE-476
6.5
6.5
2018-03-23 CVE-2018-8960 Out-of-bounds Read vulnerability in multiple products
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read.
network
low complexity
imagemagick canonical CWE-125
8.8
8.8
2018-03-20 CVE-2018-8804 Double Free vulnerability in multiple products
WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.
network
low complexity
imagemagick canonical CWE-415
8.8
8.8
2018-03-01 CVE-2017-18211 NULL Pointer Dereference vulnerability in multiple products
In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel.
network
low complexity
imagemagick canonical CWE-476
critical
 9.8
9.8
2018-03-01 CVE-2017-18210 NULL Pointer Dereference vulnerability in Imagemagick
In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked.
network
low complexity
imagemagick CWE-476
critical
 9.8
9.8
2018-03-01 CVE-2017-18209 NULL Pointer Dereference vulnerability in multiple products
In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.
network
low complexity
imagemagick canonical CWE-476
8.8
8.8