Vulnerabilities > Imagemagick
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-21 | CVE-2017-14624 | NULL Pointer Dereference vulnerability in multiple products ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c. | 9.8 |
| 2017-09-20 | CVE-2017-14607 | Out-of-bounds Read vulnerability in multiple products In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. | 8.1 |
| 2017-09-18 | CVE-2017-14533 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c. | 6.5 |
| 2017-09-18 | CVE-2017-14532 | NULL Pointer Dereference vulnerability in multiple products ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c. | 9.8 |
| 2017-09-18 | CVE-2017-14531 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c. | 6.5 |
| 2017-09-18 | CVE-2017-14528 | Use After Free vulnerability in multiple products The TIFFSetProfiles function in coders/tiff.c in ImageMagick 7.0.6 has incorrect expectations about whether LibTIFF TIFFGetField return values imply that data validation has occurred, which allows remote attackers to cause a denial of service (use-after-free after an invalid call to TIFFSetField, and application crash) via a crafted file. | 6.5 |
| 2017-09-17 | CVE-2017-14505 | NULL Pointer Dereference vulnerability in Imagemagick 7.0.71 DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input. | 6.5 |
| 2017-09-12 | CVE-2017-14400 | NULL Pointer Dereference vulnerability in Imagemagick 7.0.71 In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote attackers to cause a denial of service (NULL pointer dereference in the function GetVirtualPixels in MagickCore/cache.c) via a crafted file. | 6.5 |
| 2017-09-12 | CVE-2017-14343 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file. | 6.5 |
| 2017-09-12 | CVE-2017-14342 | Resource Exhaustion vulnerability in multiple products ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file. | 6.5 |