| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call. |
| ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image. |
| coders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS file. |
| The png coder in ImageMagick allows remote attackers to cause a denial of service (crash). |
| ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file. |
| In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files. |
| distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors. |
| The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866. |
| In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call. |
| Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file. |
| The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file. |
| In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file. |
| The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. |
| In ImageMagick before 6.9.7-10, there is a crash (rather than a "width or height exceeds limit" error report) if the image dimensions are too large, as demonstrated by use of the mpc coder. |
| In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash. |
| ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file. |
| vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to "too many object." |
| The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors. |
| ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image. |
| In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c. |
