Vulnerabilities > Imagemagick
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-03 | CVE-2020-27760 | Divide By Zero vulnerability in multiple products In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. | 5.5 |
| 2020-12-03 | CVE-2020-27759 | Integer Overflow or Wraparound vulnerability in multiple products In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned. | 3.3 |
| 2020-11-20 | CVE-2020-19667 | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7. | 7.8 |
| 2020-10-22 | CVE-2020-27560 | Divide By Zero vulnerability in multiple products ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service. | 3.3 |
| 2020-06-07 | CVE-2020-13902 | Out-of-bounds Read vulnerability in Imagemagick ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding. | 7.1 |
| 2020-03-10 | CVE-2020-10251 | Out-of-bounds Read vulnerability in Imagemagick 7.0.9 In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\heic.c. | 5.5 |
| 2020-02-17 | CVE-2014-1947 | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030. | 7.8 |
| 2020-02-06 | CVE-2014-2030 | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947. | 8.8 |
| 2020-02-06 | CVE-2014-1958 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030. | 8.8 |
| 2020-02-06 | CVE-2016-7524 | Out-of-bounds Read vulnerability in Imagemagick coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | 6.5 |