Vulnerabilities > Imagemagick
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-05 | CVE-2018-5248 | Out-of-bounds Read vulnerability in multiple products In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function. | 8.8 |
| 2018-01-05 | CVE-2018-5247 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c. | 6.5 |
| 2018-01-05 | CVE-2018-5246 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c. | 6.5 |
| 2018-01-05 | CVE-2017-18022 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c. | 6.5 |
| 2018-01-03 | CVE-2017-1000476 | Resource Exhaustion vulnerability in multiple products ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service. | 6.5 |
| 2018-01-02 | CVE-2017-1000445 | NULL Pointer Dereference vulnerability in multiple products ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service | 6.5 |
| 2018-01-01 | CVE-2017-18008 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c. | 6.5 |
| 2017-12-27 | CVE-2017-17934 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls. | 6.5 |
| 2017-12-27 | CVE-2017-17914 | Excessive Iteration vulnerability in multiple products In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file. | 6.5 |
| 2017-12-27 | CVE-2017-17887 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function GetImagePixelCache in magick/cache.c, which allows attackers to cause a denial of service via a crafted MNG image file that is processed by ReadOneMNGImage. | 6.5 |