Vulnerabilities > Imagemagick
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-25 | CVE-2018-7470 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick 7.0.722 An issue was discovered in ImageMagick 7.0.7-22 Q16. | 6.5 |
| 2018-02-23 | CVE-2018-7443 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c). | 6.5 |
| 2018-02-13 | CVE-2018-6930 | Out-of-bounds Read vulnerability in Imagemagick 7.0.722 A stack-based buffer over-read in the ComputeResizeImage function in the MagickCore/accelerate.c file of ImageMagick 7.0.7-22 allows a remote attacker to cause a denial of service (application crash) via a maliciously crafted pict file. | 6.5 |
| 2018-02-09 | CVE-2018-6876 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote attackers to cause a denial of service (stack-based buffer under-read) via a crafted bmp image. | 6.5 |
| 2018-01-30 | CVE-2018-6405 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. | 6.5 |
| 2018-01-12 | CVE-2017-18029 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file. | 6.5 |
| 2018-01-12 | CVE-2017-18028 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file. | 6.5 |
| 2018-01-12 | CVE-2017-18027 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file. | 6.5 |
| 2018-01-12 | CVE-2018-5358 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c. | 6.5 |
| 2018-01-12 | CVE-2018-5357 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c. | 6.5 |