Lucene search
K

138 matches found

OSV
OSV
added 2018/03/05 10:29 p.m.5 views

CVE-2017-18219

An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a large pngpixels array allocation...

6.5CVSS6.9AI score
Exploits0References9
OSV
OSV
added 2018/02/07 5:29 a.m.6 views

CVE-2018-6799

The AcquireCacheNexus function in magick/pixelcache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service heap overwrite or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used...

8.8CVSS9.4AI score0.02576EPSS
Exploits0References7
OSV
OSV
added 2018/01/14 2:29 a.m.11 views

CVE-2018-5685

In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function coders/bmp.c. Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value...

6.5CVSS7AI score
Exploits0References5
OSV
OSV
added 2017/12/27 5:8 p.m.9 views

CVE-2017-17915

In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached...

8.8CVSS9.2AI score
Exploits0References6
OSV
OSV
added 2017/12/20 9:29 a.m.12 views

CVE-2017-17783

In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage in coders/palm.c when QuantumDepth is 8...

7.5CVSS9.6AI score
Exploits0References4
OSV
OSV
added 2017/12/11 2:29 a.m.9 views

CVE-2017-17502

ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file...

8.8CVSS8.8AI score
Exploits0References8
NVD
NVD
added 2017/12/11 2:29 a.m.21 views

CVE-2017-17503

ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file...

8.8CVSS7.3AI score0.01919EPSS
Exploits0References8
CNVD
CNVD
added 2017/11/09 12:0 a.m.2 views

GraphicsMagick Denial of Service Vulnerability (CNVD-2017-36390)

GraphicsMagick is a simple set of image processing tools. The tool provides resizing, rotating, highlighting and other functions to images. A security vulnerability exists in the coders/wpg.c file in GraphicsMagick version 1.3.26. A remote attacker can exploit this vulnerability to cause a denial...

8.8CVSS7.2AI score0.03397EPSS
Exploits1References1
CNVD
CNVD
added 2017/11/06 12:0 a.m.6 views

GraphicsMagick Denial of Service Vulnerability (CNVD-2017-36019)

GraphicsMagick is a simple set of image processing tools. The tool provides resizing, rotating, highlighting and other functions to images. A security vulnerability exists in the 'ReadWPGImage' function in the coders/wpg.c file in GraphicsMagick version 1.3.26. A remote attacker can exploit this...

8.8CVSS6.9AI score0.02202EPSS
Exploits0References1
OSV
OSV
added 2017/11/05 10:29 p.m.7 views

CVE-2017-16545

The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service ImportIndexQuantumType invalid write and application crash or possibly have unspecified other impact via a malformed WPG ima...

8.8CVSS9.6AI score
Exploits0References7
OSV
OSV
added 2017/11/01 3:29 p.m.12 views

CVE-2017-16352

GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a specially crafted...

8.8CVSS9.1AI score
Exploits0References9
UbuntuCve
UbuntuCve
added 2017/11/01 3:29 p.m.37 views

CVE-2017-16352

GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a specially crafted...

8.8CVSS7AI score0.14512EPSS
Exploits3References4
OSV
OSV
added 2017/11/01 3:29 p.m.7 views

CVE-2017-16353

GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile...

6.5CVSS8.8AI score
Exploits0References9
Prion
Prion
added 2017/11/01 3:29 p.m.21 views

Heap overflow

GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile...

4.3CVSS7.1AI score0.13679EPSS
Exploits3References9Affected Software2
Debian CVE
Debian CVE
added 2017/11/01 3:0 p.m.42 views

CVE-2017-16353

GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile...

6.5CVSS7.9AI score0.13679EPSS
Exploits3
AlpineLinux
AlpineLinux
added 2017/11/01 3:0 p.m.55 views

CVE-2017-16353

GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile...

6.5CVSS7.8AI score0.13679EPSS
Exploits3
Cvelist
Cvelist
added 2017/10/12 8:0 a.m.34 views

CVE-2017-15277

ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data...

7.2AI score0.19193EPSS
Exploits4References9
OSV
OSV
added 2017/09/12 12:29 a.m.7 views

CVE-2017-14314

Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service DrawDashPolygon heap-based buffer over-read and application crash via a crafted file...

6.5CVSS8.5AI score0.01861EPSS
Exploits0References5
OSV
OSV
added 2017/09/06 6:29 p.m.9 views

CVE-2017-14165

The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has an issue where memory allocation is excessive because it depends only on a length field in a header. This may lead to remote denial of service in the MagickMalloc function in magick/memory.c...

6.5CVSS9.2AI score
Exploits0References4
OSV
OSV
added 2017/08/30 9:29 a.m.5 views

CVE-2017-13777

GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage in a coders/xbm.c "Read hex image data" version==10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it...

6.5CVSS8.9AI score
Exploits0References6
Rows per page
Query Builder