Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
graphicsmagick graphicsmagick vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-9956
In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an malicious user to cause a denial of service or code execution via a crafted image file.
Imagemagick Imagemagick 7.0.8-35
Debian Debian Linux 9.0
2 Github repositories
8.8
CVSSv3
CVE-2018-12599
In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow malicious users to cause an out of bounds write via a crafted file.
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 14.04
Imagemagick Imagemagick 7.0.8-3
8.8
CVSSv3
CVE-2018-12600
In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow malicious users to cause an out of bounds write via a crafted file.
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Imagemagick Imagemagick 7.0.8-3
8.8
CVSSv3
CVE-2018-8804
WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote malicious users to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.
Imagemagick Imagemagick 7.0.7-25q16
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
8.8
CVSSv3
CVE-2017-18220
The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 allow remote malicious users to cause a denial of service (magick/blob.c CloseBlob use-after-free) or possibly have unspecified other impact via a crafted file, a related issue to CVE-2017-114...
Graphicsmagick Graphicsmagick 1.3.26
8.8
CVSSv3
CVE-2018-6799
The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick prior to 1.3.28 allows remote malicious users to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used.
Graphicsmagick Graphicsmagick
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2018-5360
LibTIFF prior to 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27.
Libtiff Libtiff
Graphicsmagick Graphicsmagick 1.3.27
8.8
CVSSv3
CVE-2017-17912
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region.
Graphicsmagick Graphicsmagick 1.3.27
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2017-17913
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type.
Graphicsmagick Graphicsmagick 1.3.27
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2017-17915
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached.
Graphicsmagick Graphicsmagick 1.3.27
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »