VIR Vulnerability Intelligence Relay

Search

Found 358 results in 55ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2014-9853 medium 5.5 5.5 FIX slesdebian debianubuntu ubuntu imagemagicksuse 9y ago Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.
CVE-2015-8898 medium 5.5 5.5 FIX slesdebian debian imagemagick 9y ago The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file.
CVE-2015-8897 medium 5.5 5.5 FIX slesdebian debian imagemagick 9y ago The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (application crash) via a crafted png file.
CVE-2015-8896 medium 6.5 6.5 FIX slesdebian debian rhel imagemagick 9y ago Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file.
CVE-2015-8895 high 7.5 7.5 FIX slesdebian debian imagemagick 9y ago Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflo…
CVE-2015-8894 medium 5.5 5.5 FIX slesdebian debian imagemagick 9y ago Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file.
CVE-2016-10252 high 7.5 7.5 FIX arch archdebian debian imagemagick 9y ago Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick before 6.9.2-2, as used in ODR-PadEnc and other products, allows attackers to trigger memory consumption.
CVE-2017-6502 medium 5.5 5.5 FIX slesdebian debian imagemagick 9y ago An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS).
CVE-2017-6501 medium 5.5 5.5 FIX slesdebian debian imagemagick 9y ago An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference.
CVE-2017-6500 medium 5.5 5.5 FIX slesdebian debian imagemagick 9y ago An issue was discovered in ImageMagick 6.9.7. A specially crafted sun file triggers a heap-based buffer over-read.
CVE-2017-6499 medium 5.5 5.5 FIX slesdebian debian imagemagick 9y ago An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially crafted file creating a nested exception could lead to a memory leak (thus, a DoS).
CVE-2017-6498 medium 5.5 5.5 FIX slesdebian debian imagemagick 9y ago An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS.
CVE-2017-6497 high 7.5 7.5 FIX slesdebian debian imagemagick 9y ago An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS).
CVE-2016-10070 medium 5.5 5.5 FIX slesdebian debiansuse suse imagemagick 9y ago Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via…
CVE-2016-10066 medium 5.5 5.5 FIX slesdebian debian imagemagick 9y ago Buffer overflow in the ReadVIFFImage function in coders/viff.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVE-2016-10065 high 7.8 7.8 FIX slesdebian debiansuse suse imagemagick 9y ago The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10061 medium 6.5 6.5 FIX slesdebian debian imagemagick 9y ago The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (crash) …
CVE-2016-10071 medium 5.5 5.5 FIX slesdebian debian imagemagick 9y ago coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.
CVE-2016-10069 medium 5.5 5.5 FIX debian debian imagemagick 9y ago coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames.
CVE-2016-10068 medium 5.5 5.5 FIX slesdebian debiansuse suse imagemagick 9y ago The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file.
CVE-2016-10067 high 7.5 7.5 FIX slesdebian debian imagemagick 9y ago magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving "too many exceptions," which trigger a buffer overflow.
CVE-2016-10064 high 7.8 7.8 FIX slesdebian debiansuse suse imagemagick 9y ago Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10063 high 7.8 7.8 FIX slesdebian debian imagemagick 9y ago Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file, related to…
CVE-2016-10062 medium 5.5 5.5 FIX slesdebian debian imagemagick 9y ago The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via…
CVE-2016-10060 medium 6.5 6.5 FIX slesdebian debian imagemagick 9y ago The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of serv…
CVE-2016-9559 medium 6.5 6.5 FIX slesdebian debian imagemagick 9y ago coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.
CVE-2015-8903 medium 6.5 6.5 FIX slesdebian debian imagemagick 9y ago The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.
CVE-2015-8902 medium 6.5 6.5 FIX slesdebian debian imagemagick 9y ago The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.
CVE-2015-8901 medium 6.5 6.5 FIX slesdebian debian imagemagick 9y ago ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.
CVE-2015-8900 medium 5.5 5.5 FIX slesdebian debian imagemagick 9y ago The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file.
CVE-2016-9773 medium 5.5 5.5 FIX slesdebian debian imagemagick 9y ago Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a craft…
CVE-2016-8678 medium 5.5 5.5 slesdebian debian imagemagick 9y ago The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the…
CVE-2016-8677 high 8.8 8.8 FIX slesdebian debiansuse suse imagemagick 9y ago The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation…
CVE-2016-8866 high 8.8 8.8 FIX slesdebian debiansuse suse imagemagick 9y ago The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocatio…
CVE-2016-8862 high 8.8 8.8 FIX slesdebian debian imagemagick 9y ago The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failur…
CVE-2016-9298 medium 5.5 5.5 FIX debian debian imagemagick 10y ago Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted im…
CVE-2016-7906 medium 5.5 5.5 FIX arch archdebian debian imagemagick 10y ago magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file.
CVE-2016-7799 medium 6.5 6.5 FIX slesarch archdebian debian imagemagick 10y ago MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVE-2016-7101 medium 6.5 6.5 FIX slesdebian debian imagemagick 10y ago The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file.
CVE-2016-6823 high 7.5 7.5 FIX slesdebian debian imagemagick 10y ago Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds writ…
CVE-2016-8707 high 7.8 7.8 FIX slesdebian debian imagemagick 10y ago An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular c…
CVE-2016-6491 high 8.8 8.8 FIX slesdebian debian imagemagick 10y ago Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read,…
CVE-2016-5842 high 7.5 7.5 FIX slesdebian debian imagemagick 10y ago MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.
CVE-2016-5688 high 8.1 8.1 FIX slesdebian debian imagemagick 10y ago The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-va…
CVE-2016-4563 high 8.8 8.8 FIX slesdebian debian imagemagick 10y ago The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which a…
CVE-2016-4562 high 8.8 8.8 FIX slesdebian debian imagemagick 10y ago The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause…
CVE-2016-3717 medium 5.5 6.5 EXPFIX debian debian rhelubuntu ubuntu imagemagick 10y ago The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.
CVE-2013-4298 medium 4.3 FIX debian debian imagemagick 13y ago The ReadGIFImage function in coders/gif.c in ImageMagick before 6.7.8-8 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted comment in a GIF i…
CVE-2012-3437 medium 4.3 FIX debian debian imagemagick 14y ago The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of …
CVE-2012-1798 medium 6.5 6.5 FIX debian debiansuse suse rhel imagemagickredhat 14y ago The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF …
CVE-2012-1610 high 7.5 7.5 FIX debian debiansuse suseubuntu ubuntu imagemagick 14y ago Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component cou…
CVE-2012-1186 medium 5.5 5.5 FIX debian debiansuse suseubuntu ubuntu imagemagick 14y ago Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in …
CVE-2012-1185 high 7.8 7.8 FIX debian debiansuse suseubuntu ubuntu imagemagick 14y ago Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execu…
CVE-2012-0260 medium 6.5 6.5 FIX debian debiansuse suse rhel imagemagickredhat 14y ago The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of re…
CVE-2012-0259 medium 6.5 6.5 FIX debian debiansuse suseubuntu ubuntu imagemagick 14y ago The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolu…
CVE-2012-0248 medium 5.5 5.5 FIX debian debian rhelubuntu ubuntu imagemagickredhat 14y ago ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the I…
CVE-2012-0247 high 8.8 8.8 FIX debian debian rhelubuntu ubuntu imagemagickredhat 14y ago ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit …
CVE-2010-4167 medium 6.9 FIX debian debian imagemagick 16y ago Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration …