CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

Veracode•added 2017/09/13 5:51 a.m.•15 views

Denial Of Service (DoS) Through Memory Leak

ImageMagick is vulnerable to denial of service DoS attacks through a memory leak. Using a .xcf file, attackers can trigger a memory leak through the ReadXCFImage function of coders/xcf.c...

6.5CVSS6.8AI score0.00406EPSS

Exploits1References3Affected Software1

OSV•added 2017/09/12 5:29 p.m.•14 views

CVE-2017-14343

ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file...

6.5CVSS6.4AI score

Exploits0References2

CVE•added 2017/09/01 9:0 p.m.•85 views

CVE-2017-12691

CVE-2017-12691 is rejected and does not represent an active vulnerability entry.

7.1CVSS6AI score0.00952EPSS

Exploits0References5Affected Software1

Debian CVE•added 2017/09/01 9:0 p.m.•36 views

CVE-2017-12691

The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service memory consumption via a crafted file...

7.1CVSS7AI score0.00952EPSS

Exploits0

Veracode•added 2017/08/24 5:27 a.m.•23 views

Denial-of-Service (DoS) Through Memory Exhaustion

ImageMagick is vulnerable to denial of service DoS attacks through memory exhaustion. The loadlevel function in coders/xcf.c does not validate offsets, allowing a malicious user to pass a xcf file to allocate over the memory limit and consume all the application's memory...

6.5CVSS7.2AI score0.00445EPSS

Exploits0References5Affected Software1

Prion•added 2017/08/23 3:29 a.m.•20 views

Design/Logic Flaw

In ImageMagick 7.0.6-8, the loadlevel function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service loadtile memory exhaustion via a crafted file...

7.1CVSS7.1AI score0.00445EPSS

Exploits0References5Affected Software1

OSV•added 2017/08/23 3:29 a.m.•21 views

CVE-2017-13133

In ImageMagick 7.0.6-8, the loadlevel function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service loadtile memory exhaustion via a crafted file...

6.5CVSS8.7AI score

Exploits0References5

Cvelist•added 2017/08/23 3:0 a.m.•17 views

CVE-2017-13133

In ImageMagick 7.0.6-8, the loadlevel function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service loadtile memory exhaustion via a crafted file...

7.2AI score0.00445EPSS

Exploits0References5

Debian CVE•added 2017/08/23 3:0 a.m.•37 views

CVE-2017-13133

In ImageMagick 7.0.6-8, the loadlevel function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service loadtile memory exhaustion via a crafted file...

7.1CVSS6.7AI score0.00445EPSS

Exploits0

Prion•added 2017/04/19 2:59 p.m.•12 views

Out-of-bounds

coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service out-of-bounds read via a crafted XCF file...

4.3CVSS6.7AI score0.0109EPSS

Exploits0References8

OSV•added 2017/04/19 2:59 p.m.•16 views

CVE-2016-7529

coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service out-of-bounds read via a crafted XCF file...

6.5CVSS6.4AI score

Exploits0References8