Vulnerabilities > Imagemagick > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-27 | CVE-2015-8902 | Infinite Loop vulnerability in Imagemagick The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file. | 6.5 |
| 2017-02-27 | CVE-2015-8901 | Infinite Loop vulnerability in Imagemagick ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file. | 6.5 |
| 2017-02-27 | CVE-2015-8900 | Infinite Loop vulnerability in Imagemagick The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file. | 5.5 |
| 2017-02-17 | CVE-2016-9773 | Out-of-bounds Read vulnerability in Imagemagick 7.0.38 Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. | 5.5 |
| 2017-02-15 | CVE-2016-8678 | Out-of-bounds Read vulnerability in Imagemagick 7.0.30 The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. | 5.5 |
| 2017-01-27 | CVE-2016-9298 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted image. | 5.5 |
| 2017-01-18 | CVE-2016-7906 | Use After Free vulnerability in multiple products magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file. | 5.5 |
| 2017-01-18 | CVE-2016-7799 | Out-of-bounds Read vulnerability in multiple products MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | 6.5 |
| 2017-01-18 | CVE-2016-7101 | Out-of-bounds Read vulnerability in Imagemagick The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file. | 6.5 |
| 2016-05-05 | CVE-2016-3718 | Server-Side Request Forgery (SSRF) vulnerability in multiple products The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image. | 5.5 |