VIR Vulnerability Intelligence Relay

Search

Found 129 results in 28ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2015-8895 high 7.5 7.5 FIX slesdebian debian imagemagick 9y ago Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflo…
CVE-2016-10252 high 7.5 7.5 FIX arch archdebian debian imagemagick 9y ago Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick before 6.9.2-2, as used in ODR-PadEnc and other products, allows attackers to trigger memory consumption.
CVE-2017-6497 high 7.5 7.5 FIX slesdebian debian imagemagick 9y ago An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS).
CVE-2016-10065 high 7.8 7.8 FIX slesdebian debiansuse suse imagemagick 9y ago The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10067 high 7.5 7.5 FIX slesdebian debian imagemagick 9y ago magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving "too many exceptions," which trigger a buffer overflow.
CVE-2016-10064 high 7.8 7.8 FIX slesdebian debiansuse suse imagemagick 9y ago Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10063 high 7.8 7.8 FIX slesdebian debian imagemagick 9y ago Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file, related to…
CVE-2016-8677 high 8.8 8.8 FIX slesdebian debiansuse suse imagemagick 9y ago The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation…
CVE-2016-8866 high 8.8 8.8 FIX slesdebian debiansuse suse imagemagick 9y ago The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocatio…
CVE-2016-8862 high 8.8 8.8 FIX slesdebian debian imagemagick 9y ago The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failur…
CVE-2016-6823 high 7.5 7.5 FIX slesdebian debian imagemagick 10y ago Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds writ…
CVE-2016-8707 high 7.8 7.8 FIX slesdebian debian imagemagick 10y ago An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular c…
CVE-2016-6520 critical 9.1 9.1 FIX slesdebian debian imagemagick 10y ago Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to have unspecified impact via vectors related to pixel cache morphology.
CVE-2016-6491 high 8.8 8.8 FIX slesdebian debian imagemagick 10y ago Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read,…
CVE-2016-5842 high 7.5 7.5 FIX slesdebian debian imagemagick 10y ago MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.
CVE-2016-5841 critical 9.8 9.8 FIX slesdebian debian imagemagick 10y ago Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involvi…
CVE-2016-5691 critical 9.8 9.8 FIX slesdebian debian imagemagick 10y ago The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixe…
CVE-2016-5690 critical 9.8 9.8 FIX slesdebian debian imagemagick 10y ago The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing th…
CVE-2016-5689 critical 9.8 9.8 FIX slesdebian debian imagemagick 10y ago The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.
CVE-2016-5688 high 8.1 8.1 FIX slesdebian debian imagemagick 10y ago The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-va…
CVE-2016-5687 critical 9.8 9.8 FIX slesdebian debian imagemagick 10y ago The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-b…
CVE-2016-5118 critical 9.8 9.8 FIX slesdebian debianubuntu ubuntu graphicsmagicksuseimagemagick 10y ago The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
CVE-2016-4564 critical 9.8 9.8 FIX slesdebian debian imagemagick 10y ago The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers…
CVE-2016-4563 high 8.8 8.8 FIX slesdebian debian imagemagick 10y ago The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which a…
CVE-2016-4562 high 8.8 8.8 FIX slesdebian debian imagemagick 10y ago The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause…
CVE-2016-3716 low 3.3 4.3 EXPFIX debian debian rhelubuntu ubuntu imagemagick 10y ago The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.
CVE-2012-1610 high 7.5 7.5 FIX debian debiansuse suseubuntu ubuntu imagemagick 14y ago Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component cou…
CVE-2012-1185 high 7.8 7.8 FIX debian debiansuse suseubuntu ubuntu imagemagick 14y ago Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execu…
CVE-2012-0247 high 8.8 8.8 FIX debian debian rhelubuntu ubuntu imagemagickredhat 14y ago ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit …