CVE-2020-27753

There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file. These leaks could potentially lead to an impact to application availability or cause a denial of service. It was originally reported tha...

imagemagick: memory leak in function DecodeImage in coders/pcd.c

In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c...

ImageMagick: memory leak in WriteMSLImage of coders/msl.c

There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31...

ImageMagick: CPU exhaustion vulnerability in function ReadDDSInfo in coders/dds.c

ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service...

ImageMagick: memory leak in DecodeImage in coders/pcd.c

ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c...

ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure

In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c...

ImageMagick: Memory leak in WriteTIFFImage

ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c...

graphicsmagick:coder_PICT_fuzzer: Heap-buffer-overflow in DecodeImage

Project: http://hg.code.sf.net/p/graphicsmagick/code Detailed Report: https://oss-fuzz.com/testcase?key=5649205997862912 Project: graphicsmagick Fuzzing Engine: libFuzzer Fuzz Target: coderPICTfuzzer Job Type: libfuzzerasangraphicsmagick Platform Id: linux Crash Type: Heap-buffer-overflow READ...

PT-2019-5895 · Imagemagick +5 · Imagemagick +5

Name of the Vulnerable Software and Affected Versions: ImageMagick version 7.0.8-43 Q16 Description: The issue is related to a heap-based buffer overflow in the WriteSGIImage function of coders/sgi.c. This can be exploited by a remote attacker to access confidential data, compromise data integrit...

PT-2020-16154 · Imagemagick +3 · Imagemagick +3

Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 6.9.10-68 and 7.0.8-68 Description: The issue arises from an improper call to AcquireVirtualMemory and memset in the WriteOnePNGImage function of the PNG coder, allowing for an out-of-bounds write when...

CVE-2019-17541

ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c...

PT-2019-5853 · Imagemagick +5 · Imagemagick +5

Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.0.8-68 Description: The issue is related to the WriteOnePNGImage function from coders/png.c the PNG coder which has a for loop with an improper exit condition. This can allow an out-of-bounds READ via...

UBUNTU-CVE-2019-16710

ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c...

UBUNTU-CVE-2019-16712

ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image...

EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2019-1970)

According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack o...

[SECURITY] [DSA 4522-1] faad2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4522-1 [email protected] https://www.debian.org/security/ Hugo Lefeuvre September 15, 2019 https://www.debian.org/security/faq -...

PT-2019-2941 · Imagemagick +4 · Imagemagick +4

Name of the Vulnerable Software and Affected Versions: ImageMagick versions 7.0.8-50 Description: The issue is related to a buffer overflow in the WritePNMImage function in the coders/pnm.c file of the ImageMagick console graphic editor. This can be exploited by a remote attacker using a speciall...

CVE-2019-13135

ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c...

UBUNTU-CVE-2019-13133

ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c...

ImageMagick Resource Management Error Vulnerability (CNVD-2019-29432)

ImageMagick is the United States ImageMagick Studio, Inc. of a set of open source image processing software. A memory leak vulnerability exists in the 'WriteDPXImage' function in the coders/dpx.c file in ImageMagick version 7.0.8-34. An attacker could exploit this vulnerability to cause a denial ...