Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imagemagick imagemagick 7.0.7-26 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-8960
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read.
Imagemagick Imagemagick 7.0.7-26
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
6.5
CVSSv3
CVE-2018-9133
ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions (coders/tiff.c), which results in a hang (tens of minutes) with a tiny PoC file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tiff ...
Imagemagick Imagemagick 7.0.7-26
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
9.8
CVSSv3
CVE-2017-13139
In ImageMagick prior to 6.9.9-0 and 7.x prior to 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
Imagemagick Imagemagick 7.0.5-2
Imagemagick Imagemagick 7.0.5-3
Imagemagick Imagemagick 7.0.4-0
Imagemagick Imagemagick 7.0.4-1
Imagemagick Imagemagick 7.0.4-8
Imagemagick Imagemagick 7.0.4-9
Imagemagick Imagemagick 7.0.3-6
Imagemagick Imagemagick 7.0.3-7
Imagemagick Imagemagick 7.0.2-3
Imagemagick Imagemagick 7.0.2-4
Imagemagick Imagemagick 7.0.0-0
Imagemagick Imagemagick 7.0.1-0
Imagemagick Imagemagick 7.0.1-1
Imagemagick Imagemagick 7.0.1-8
Imagemagick Imagemagick 7.0.1-9
Imagemagick Imagemagick 7.0.6-0
Imagemagick Imagemagick 7.0.5-6
Imagemagick Imagemagick 7.0.5-7
Imagemagick Imagemagick 7.0.4-4
Imagemagick Imagemagick 7.0.4-5
Imagemagick Imagemagick 7.0.3-2
Imagemagick Imagemagick 7.0.3-3
8.8
CVSSv3
CVE-2019-17541
ImageMagick prior to 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
Imagemagick Imagemagick
1 Github repository
9.8
CVSSv3
CVE-2018-16328
In ImageMagick prior to 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.
Imagemagick Imagemagick
6.5
CVSSv3
CVE-2019-11470
The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows malicious users to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for ins...
Imagemagick Imagemagick 7.0.8-26
6.5
CVSSv3
CVE-2019-11472
ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows malicious users to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.
Imagemagick Imagemagick 7.0.8-41
8.1
CVSSv3
CVE-2019-11597
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an malicious user to cause a denial of service or possibly information disclosure via a crafted image file.
Imagemagick Imagemagick 7.0.8-43
8.1
CVSSv3
CVE-2019-11598
In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an malicious user to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in Magi...
Imagemagick Imagemagick 7.0.8-40
6.5
CVSSv3
CVE-2018-15607
In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocatio...
Imagemagick Imagemagick 7.0.8-11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »