Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imagemagick imagemagick 7.0.7-26 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-9133
ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions (coders/tiff.c), which results in a hang (tens of minutes) with a tiny PoC file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tiff ...
Imagemagick Imagemagick 7.0.7-26
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
6.8
CVSSv2
CVE-2018-8960
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read.
Imagemagick Imagemagick 7.0.7-26
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
7.5
CVSSv2
CVE-2017-13139
In ImageMagick prior to 6.9.9-0 and 7.x prior to 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
Imagemagick Imagemagick 7.0.5-2
Imagemagick Imagemagick 7.0.5-3
Imagemagick Imagemagick 7.0.4-0
Imagemagick Imagemagick 7.0.4-1
Imagemagick Imagemagick 7.0.4-8
Imagemagick Imagemagick 7.0.4-9
Imagemagick Imagemagick 7.0.3-6
Imagemagick Imagemagick 7.0.3-7
Imagemagick Imagemagick 7.0.2-3
Imagemagick Imagemagick 7.0.2-4
Imagemagick Imagemagick 7.0.0-0
Imagemagick Imagemagick 7.0.1-0
Imagemagick Imagemagick 7.0.1-1
Imagemagick Imagemagick 7.0.1-8
Imagemagick Imagemagick 7.0.1-9
Imagemagick Imagemagick 7.0.6-0
Imagemagick Imagemagick 7.0.5-6
Imagemagick Imagemagick 7.0.5-7
Imagemagick Imagemagick 7.0.4-4
Imagemagick Imagemagick 7.0.4-5
Imagemagick Imagemagick 7.0.3-2
Imagemagick Imagemagick 7.0.3-3
7.5
CVSSv2
CVE-2018-16328
In ImageMagick prior to 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.
Imagemagick Imagemagick
6.8
CVSSv2
CVE-2019-17541
ImageMagick prior to 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
Imagemagick Imagemagick
1 Github repository
7.1
CVSSv2
CVE-2017-11166
The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the header of an XWD file.
Imagemagick Imagemagick 7.0.5-6
4.3
CVSSv2
CVE-2019-15139
The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows malicious users to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a...
Imagemagick Imagemagick 7.0.8-41
6.8
CVSSv2
CVE-2019-15140
coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote malicious users to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.
Imagemagick Imagemagick 7.0.8-43
7.1
CVSSv2
CVE-2019-11470
The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows malicious users to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for ins...
Imagemagick Imagemagick 7.0.8-26
4.3
CVSSv2
CVE-2019-11472
ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows malicious users to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.
Imagemagick Imagemagick 7.0.8-41
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »