Imagemagick - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Imagemagick
(Imagemagick)

Repositories	• https://github.com/ImageMagick/ImageMagick • https://github.com/ImageMagick/ImageMagick6
#Vulnerabilities	645

Date	Id	Summary	Products	Score	Patch	Annotated
2020-06-07	CVE-2020-13902	ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding.	Imagemagick	N/A
2020-03-10	CVE-2020-10251	In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.	Imagemagick	N/A
2020-02-17	CVE-2014-1947	Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030.	Imagemagick, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit	N/A
2020-02-06	CVE-2014-1958	Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.	Ubuntu_linux, Imagemagick, Opensuse	N/A
2020-02-06	CVE-2014-2030	Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947.	Ubuntu_linux, Imagemagick, Opensuse	N/A
2020-02-06	CVE-2016-7524	coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.	Imagemagick	N/A
2020-02-06	CVE-2016-7523	coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.	Imagemagick	N/A
2019-12-24	CVE-2019-19952	In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage.	Imagemagick	N/A
2019-12-15	CVE-2014-8561	imagemagick 6.8.9.6 has remote DOS via infinite loop	Debian_linux, Imagemagick	N/A
2019-10-14	CVE-2019-17547	In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free.	Imagemagick	N/A