Vulnerabilities > Imagemagick
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-23 | CVE-2017-11525 | Allocation of Resources Without Limits or Throttling vulnerability in Imagemagick The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file. | 6.5 |
| 2017-07-23 | CVE-2017-11524 | Reachable Assertion vulnerability in Imagemagick The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file. | 6.5 |
| 2017-07-22 | CVE-2017-11523 | Infinite Loop vulnerability in Imagemagick The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered. | 6.5 |
| 2017-07-22 | CVE-2017-11522 | NULL Pointer Dereference vulnerability in Imagemagick The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | 6.5 |
| 2017-07-21 | CVE-2017-11505 | Excessive Iteration vulnerability in Imagemagick The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file. | 6.5 |
| 2017-07-20 | CVE-2017-11478 | Infinite Loop vulnerability in Imagemagick The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image. | 6.5 |
| 2017-07-19 | CVE-2017-11450 | coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short. | 8.8 |
| 2017-07-19 | CVE-2017-11449 | Unspecified vulnerability in Imagemagick coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin. | 8.8 |
| 2017-07-19 | CVE-2017-11448 | Information Exposure vulnerability in Imagemagick The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file. | 6.5 |
| 2017-07-19 | CVE-2017-11447 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service. | 6.5 |