Vulnerabilities > Imagemagick > Low

DATE CVE VULNERABILITY TITLE RISK
2020-12-03 CVE-2020-27761 Integer Overflow or Wraparound vulnerability in multiple products
WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick.
local
low complexity
imagemagick debian CWE-190
3.3
3.3
2020-12-03 CVE-2020-27763 Divide By Zero vulnerability in multiple products
A flaw was found in ImageMagick in MagickCore/resize.c.
local
low complexity
imagemagick debian CWE-369
3.3
3.3
2020-12-03 CVE-2020-27764 Integer Overflow or Wraparound vulnerability in multiple products
In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast should have been a ssize_t cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick.
local
low complexity
imagemagick debian CWE-190
3.3
3.3
2020-10-22 CVE-2020-27560 Divide By Zero vulnerability in multiple products
ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service.
local
low complexity
imagemagick debian opensuse CWE-369
3.3
3.3
2019-04-30 CVE-2019-10131 Off-by-one Error vulnerability in multiple products
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. 		3.6
3.6
2017-04-11 CVE-2014-8716 Out-of-bounds Read vulnerability in Imagemagick
The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).
local
low complexity
imagemagick CWE-125
2.1
2.1
2016-05-05 CVE-2016-3716 Permissions, Privileges, and Access Controls vulnerability in multiple products
The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.
local
low complexity
canonical imagemagick redhat CWE-264
3.3
3.3
2006-08-15 CVE-2006-4144 Remote Heap Buffer Overflow vulnerability in ImageMagick SGI Image File
Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow.
network
high complexity
imagemagick
2.6
2.6