Vulnerabilities > Imagemagick > High

DATE CVE VULNERABILITY TITLE RISK
2018-09-03 CVE-2018-16412 Out-of-bounds Read vulnerability in multiple products
ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function.
network
low complexity
imagemagick opensuse CWE-125
8.8
2018-06-20 CVE-2018-12600 Out-of-bounds Write vulnerability in multiple products
In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.
network
low complexity
debian canonical imagemagick CWE-787
8.8
2018-06-20 CVE-2018-12599 Out-of-bounds Write vulnerability in multiple products
In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.
network
low complexity
debian canonical imagemagick CWE-787
8.8
2018-05-31 CVE-2018-11625 Out-of-bounds Read vulnerability in multiple products
In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.
network
low complexity
imagemagick canonical CWE-125
8.8
2018-05-31 CVE-2018-11624 Use After Free vulnerability in ImageMagick 7.0.7-36
In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c allows attackers to cause a use after free via a crafted file.
network
low complexity
imagemagick CWE-416
8.8
2018-03-30 CVE-2018-9135 Out-of-bounds Read vulnerability in ImageMagick 7.0.7-24
In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c.
network
low complexity
imagemagick CWE-125
8.8
2018-03-23 CVE-2018-8960 Out-of-bounds Read vulnerability in multiple products
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read.
network
low complexity
imagemagick canonical CWE-125
8.8
2018-03-20 CVE-2018-8804 Double Free vulnerability in multiple products
WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.
network
low complexity
imagemagick canonical CWE-415
8.8
2018-03-01 CVE-2017-18209 NULL Pointer Dereference vulnerability in multiple products
In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.
network
low complexity
imagemagick canonical CWE-476
8.8
2018-01-05 CVE-2018-5248 Out-of-bounds Read vulnerability in multiple products
In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function.
network
low complexity
imagemagick debian canonical CWE-125
8.8