Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Imagemagick
(Imagemagick)| Repositories |
• https://github.com/ImageMagick/ImageMagick
• https://github.com/ImageMagick/ImageMagick6 |
| #Vulnerabilities | 644 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-05-05 | CVE-2016-3718 | The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image. | Ubuntu_linux, Imagemagick, Leap, Opensuse, Linux, Solaris, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_big_endian_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_hpc_node, Enterprise_linux_hpc_node_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_from_rhui, Enterprise_linux_server_supplementary_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension, Manager, Manager_proxy, Openstack_cloud | 5.5 | ||
| 2016-05-05 | CVE-2016-3715 | The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image. | Ubuntu_linux, Imagemagick, Leap, Opensuse, Linux, Solaris, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_big_endian_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_hpc_node, Enterprise_linux_hpc_node_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_from_rhui, Enterprise_linux_server_supplementary_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension, Manager, Manager_proxy, Openstack_cloud | 5.5 | ||
| 2017-04-19 | CVE-2016-7537 | MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file. | Imagemagick | 6.5 | ||
| 2017-04-20 | CVE-2016-7534 | The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file. | Imagemagick | 6.5 | ||
| 2017-04-20 | CVE-2016-7535 | coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file. | Imagemagick | 6.5 | ||
| 2017-04-20 | CVE-2016-7536 | magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted profile. | Imagemagick | 6.5 | ||
| 2017-04-19 | CVE-2016-7515 | The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels. | Imagemagick | 6.5 | ||
| 2017-04-19 | CVE-2016-7519 | The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | Imagemagick | 6.5 | ||
| 2017-04-19 | CVE-2016-7522 | The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file. | Imagemagick | 6.5 | ||
| 2017-04-19 | CVE-2016-7528 | The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file. | Imagemagick | 6.5 |