Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Imagemagick
(Imagemagick)| Repositories |
• https://github.com/ImageMagick/ImageMagick
• https://github.com/ImageMagick/ImageMagick6 |
| #Vulnerabilities | 645 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-03-10 | CVE-2020-10251 | In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image. | Imagemagick | N/A | ||
| 2020-02-17 | CVE-2014-1947 | Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030. | Imagemagick, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit | N/A | ||
| 2020-02-06 | CVE-2014-1958 | Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030. | Ubuntu_linux, Imagemagick, Opensuse | N/A | ||
| 2020-02-06 | CVE-2014-2030 | Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947. | Ubuntu_linux, Imagemagick, Opensuse | N/A | ||
| 2020-02-06 | CVE-2016-7524 | coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | Imagemagick | N/A | ||
| 2020-02-06 | CVE-2016-7523 | coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | Imagemagick | N/A | ||
| 2019-12-24 | CVE-2019-19952 | In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage. | Imagemagick | N/A | ||
| 2019-12-15 | CVE-2014-8561 | imagemagick 6.8.9.6 has remote DOS via infinite loop | Debian_linux, Imagemagick | N/A | ||
| 2019-10-14 | CVE-2019-17547 | In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free. | Imagemagick | N/A | ||
| 2017-04-30 | CVE-2017-8357 | In ImageMagick 7.0.5-5, the ReadEPTImage function in ept.c allows attackers to cause a denial of service (memory leak) via a crafted file. | Debian_linux, Imagemagick | 6.5 |