Filtered by vendor Imagemagick
Subscribe
Total
649 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-5510 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2024-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. | |||||
| CVE-2017-5511 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2024-06-27 | 7.5 HIGH | 9.8 CRITICAL |
| coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow. | |||||
| CVE-2022-48541 | 2 Fedoraproject, Imagemagick | 2 Fedora, Imagemagick | 2024-03-20 | N/A | 7.1 HIGH |
| A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of service via the "identify -help" command. | |||||
| CVE-2023-1289 | 3 Fedoraproject, Imagemagick, Redhat | 4 Extra Packages For Enterprise Linux, Fedora, Imagemagick and 1 more | 2024-02-22 | N/A | 5.5 MEDIUM |
| A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of service. When ImageMagick crashes, it generates a lot of trash files. These trash files can be large if the SVG file contains many render actions. In a denial of service attack, if a remote attacker uploads an SVG file of size t, ImageMagick generates files of size 103*t. If an attacker uploads a 100M SVG, the server will generate about 10G. | |||||
| CVE-2007-4988 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-02-02 | 6.8 MEDIUM | 7.8 HIGH |
| Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow. | |||||
| CVE-2023-39978 | 2 Fedoraproject, Imagemagick | 2 Fedora, Imagemagick | 2023-11-30 | N/A | 3.3 LOW |
| ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw. | |||||
| CVE-2023-3745 | 1 Imagemagick | 1 Imagemagick | 2023-11-07 | N/A | 5.5 MEDIUM |
| A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel() function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file, triggering an out-of-bounds read error and allowing an application to crash, resulting in a denial of service. | |||||
| CVE-2023-3195 | 2 Fedoraproject, Imagemagick | 3 Extra Packages For Enterprise Linux, Fedora, Imagemagick | 2023-11-07 | N/A | 5.5 MEDIUM |
| A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of service. | |||||
| CVE-2023-3428 | 2 Fedoraproject, Imagemagick | 3 Extra Packages For Enterprise Linux, Fedora, Imagemagick | 2023-11-07 | N/A | 5.5 MEDIUM |
| A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service. | |||||
| CVE-2023-34475 | 2 Fedoraproject, Imagemagick | 3 Extra Packages For Enterprise Linux, Fedora, Imagemagick | 2023-11-07 | N/A | 5.5 MEDIUM |
| A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could trick user to open a specially crafted file to convert, triggering an heap-use-after-free write error, allowing an application to crash, resulting in a denial of service. | |||||
| CVE-2023-34474 | 2 Fedoraproject, Imagemagick | 3 Extra Packages For Enterprise Linux, Fedora, Imagemagick | 2023-11-07 | N/A | 5.5 MEDIUM |
| A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker could trick the user in opening specially crafted file, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service. | |||||
| CVE-2021-3574 | 2 Fedoraproject, Imagemagick | 2 Fedora, Imagemagick | 2023-11-07 | N/A | 3.3 LOW |
| A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks. | |||||
| CVE-2020-27773 | 3 Debian, Imagemagick, Redhat | 3 Debian Linux, Imagemagick, Enterprise Linux | 2023-11-07 | 4.3 MEDIUM | 3.3 LOW |
| A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` or division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0. | |||||
| CVE-2020-25664 | 2 Fedoraproject, Imagemagick | 2 Fedora, Imagemagick | 2023-11-07 | 5.8 MEDIUM | 6.1 MEDIUM |
| In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. The patch fixes the calls by adding 256 to rowbytes. An attacker who is able to supply a specially crafted image could affect availability with a low impact to data integrity. This flaw affects ImageMagick versions prior to 6.9.10-68 and 7.0.8-68. | |||||
| CVE-2020-27752 | 1 Imagemagick | 1 Imagemagick | 2023-11-07 | 5.8 MEDIUM | 7.1 HIGH |
| A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. This flaw affects ImageMagick versions prior to 7.0.9-0. | |||||
| CVE-2020-25674 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times, attempting to pass invalid colormap data to the event logger. The patch replaces the hardcoded 256 value with a call to MagickMin() to ensure the proper value is used. This could impact application availability when a specially crafted input file is processed by ImageMagick. This flaw affects ImageMagick versions prior to 7.0.8-68. | |||||
| CVE-2020-25667 | 1 Imagemagick | 1 Imagemagick | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"image/dng\"` within `profile` due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of a raw C string to remedy this. This could cause an impact to availability of the application. This flaw affects ImageMagick versions prior to 7.0.9-0. | |||||
| CVE-2020-25665 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it needs to be offset by 256. This can cause a out-of-bounds read later on in the routine. The patch adds 256 to bytes_per_row in the call to AcquireQuantumMemory(). This could cause impact to reliability. This flaw affects ImageMagick versions prior to 7.0.8-68. | |||||
| CVE-2020-27756 | 1 Imagemagick | 1 Imagemagick | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| In ParseMetaGeometry() of MagickCore/geometry.c, image height and width calculations can lead to divide-by-zero conditions which also lead to undefined behavior. This flaw can be triggered by a crafted input file processed by ImageMagick and could impact application availability. The patch uses multiplication in addition to the function `PerceptibleReciprocal()` in order to prevent such divide-by-zero conditions. This flaw affects ImageMagick versions prior to 7.0.9-0. | |||||
| CVE-2019-17540 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c. | |||||