991 matches found
SUSE CVE-2018-14435
ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c...
SUSE CVE-2018-16640
ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c...
SUSE CVE-2019-12975
ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c...
SUSE CVE-2019-12978
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c...
SUSE CVE-2019-13133
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c...
SUSE CVE-2019-13305
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error...
SUSE CVE-2019-16710
ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c...
SUSE CVE-2019-16713
ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c...
SUSE CVE-2019-16712
ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image...
SUSE CVE-2019-17541
ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c...
SUSE CVE-2019-18853
ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XMLPARSEHUGE is not properly restricted in coders/svg.c, related to SVG and libxml2...
SUSE CVE-2020-25665
The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory in routine WritePALMImage because it needs to be offset by 256. This can cause a out-of-bounds read later on in the routine. The patch adds 256 to bytesperrow in the call to AcquireQuantumMemory. This could cause...
SUSE CVE-2020-25674
WriteOnePNGImage from coders/png.c the PNG coder has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times,...
SUSE CVE-2020-27753
There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file. These leaks could potentially lead to an impact to application availability or cause a denial of service. It was originally reported tha...
SUSE CVE-2020-27829
A heap based buffer overflow in coders/tiff.c may result in program crash and denial of service in ImageMagick before 7.0.10-45...
SUSE CVE-2021-3610
A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation fault...
SUSE CVE-2021-20241
A flaw was found in ImageMagick in coders/jp2.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability...
SUSE CVE-2021-39212
ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases, Postscript files could be read and written when specifically excluded...
SUSE CVE-2022-32545
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior...
CVE-2022-4341
A vulnerability has been found in csliuwy coder-chaingdut and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /back/index.php/user/User/?1. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been...