High

DATE	CVE	VULNERABILITY TITLE	RISK
2017-03-20	CVE-2014-9847	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact. network low complexity opensuse-project opensuse canonical imagemagick CWE-119	7.5
2017-03-20	CVE-2014-9846	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact. network low complexity suse opensuse opensuse-project canonical imagemagick CWE-119	7.5
2017-03-20	CVE-2014-9843	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors. network low complexity opensuse opensuse-project canonical imagemagick CWE-119	7.5
2017-03-20	CVE-2014-9841	7PK - Errors vulnerability in multiple products The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions." network low complexity opensuse opensuse-project canonical imagemagick CWE-388	7.5
2017-03-17	CVE-2014-9854	Resource Management Errors vulnerability in multiple products coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image." network low complexity imagemagick opensuse suse canonical CWE-399	7.5
2017-03-15	CVE-2016-5239	Improper Access Control vulnerability in Imagemagick The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors. network low complexity imagemagick CWE-284	7.5
2017-03-14	CVE-2016-10252	Resource Management Errors vulnerability in Imagemagick Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick before 6.9.2-2, as used in ODR-PadEnc and other products, allows attackers to trigger memory consumption. network low complexity imagemagick CWE-399	7.8
2016-12-23	CVE-2016-8707	Out-of-bounds Write vulnerability in multiple products An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. local low complexity imagemagick debian CWE-787	7.8
2016-12-13	CVE-2016-5841	Integer Overflow or Wraparound vulnerability in Imagemagick Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable. network low complexity imagemagick oracle CWE-190	7.5
2016-12-13	CVE-2016-5688	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions. network high complexity oracle imagemagick CWE-119	8.1