Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
graphicsmagick graphicsmagick vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-15140
coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote malicious users to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.
Imagemagick Imagemagick 7.0.8-43
6.5
CVSSv3
CVE-2019-15141
WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows malicious users to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectoryS...
Imagemagick Imagemagick 7.0.8-43
Opensuse Leap 15.0
Opensuse Leap 15.1
6.5
CVSSv3
CVE-2019-14980
In ImageMagick 7.x prior to 7.0.8-42 and 6.x prior to 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an malicious user to cause a denial of service by sending a crafted file.
Imagemagick Imagemagick
Opensuse Leap 15.0
Opensuse Leap 15.1
6.5
CVSSv3
CVE-2019-14981
In ImageMagick 7.x prior to 7.0.8-41 and 6.x prior to 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an malicious user to cause a denial of service by sending a crafted file.
Imagemagick Imagemagick
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Opensuse Leap 15.0
Opensuse Leap 15.1
7.8
CVSSv3
CVE-2019-13574
In lib/mini_magick/image.rb in MiniMagick prior to 4.9.4, a fetched remote image filename could cause remote command execution because Image.open input is directly passed to Kernel#open, which accepts a '|' character followed by a command.
Minimagick Project Minimagick
Debian Debian Linux 10.0
Debian Debian Linux 9.0
1 Github repository
6.5
CVSSv3
CVE-2019-13454
ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.
Imagemagick Imagemagick 7.0.8-54
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Opensuse Leap 15.0
Opensuse Leap 15.1
8.8
CVSSv3
CVE-2019-13297
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.
Imagemagick Imagemagick 7.0.8-50
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Opensuse Leap 15.0
Opensuse Leap 15.1
7.8
CVSSv3
CVE-2019-13306
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.
Imagemagick Imagemagick 7.0.8-50
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.0
Opensuse Leap 15.1
7.8
CVSSv3
CVE-2019-13307
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.
Imagemagick Imagemagick 7.0.8-50
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.0
Opensuse Leap 15.1
6.5
CVSSv3
CVE-2019-13309
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.
Imagemagick Imagemagick 7.0.8-50
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.0
Opensuse Leap 15.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »