Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
graphicsmagick vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-9956
In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an malicious user to cause a denial of service or code execution via a crafted image file.
Imagemagick Imagemagick 7.0.8-35
Debian Debian Linux 9.0
2 Github repositories
8.8
CVSSv3
CVE-2018-12599
In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow malicious users to cause an out of bounds write via a crafted file.
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 14.04
Imagemagick Imagemagick 7.0.8-3
8.8
CVSSv3
CVE-2018-12600
In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow malicious users to cause an out of bounds write via a crafted file.
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Imagemagick Imagemagick 7.0.8-3
8.8
CVSSv3
CVE-2018-8804
WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote malicious users to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.
Imagemagick Imagemagick 7.0.7-25q16
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
8.8
CVSSv3
CVE-2017-18220
The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 allow remote malicious users to cause a denial of service (magick/blob.c CloseBlob use-after-free) or possibly have unspecified other impact via a crafted file, a related issue to CVE-2017-114...
Graphicsmagick Graphicsmagick 1.3.26
8.8
CVSSv3
CVE-2018-6799
The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick prior to 1.3.28 allows remote malicious users to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used.
Graphicsmagick Graphicsmagick
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2018-5360
LibTIFF prior to 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27.
Libtiff Libtiff
Graphicsmagick Graphicsmagick 1.3.27
8.8
CVSSv3
CVE-2017-17912
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region.
Graphicsmagick Graphicsmagick 1.3.27
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2017-17913
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type.
Graphicsmagick Graphicsmagick 1.3.27
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2017-17915
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached.
Graphicsmagick Graphicsmagick 1.3.27
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »