Lucene search
K

50 matches found

debiancve
debiancve
added 2021/09/13 12:0 a.m.45 views

CVE-2021-39212

ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases, Postscript files could be read and written when specifically excluded...

4.4CVSS4.8AI score0.00353EPSS
Exploits0
ptsecurity
ptsecurity
added 2021/09/11 12:0 a.m.6 views

PT-2021-7869 · Unknown +4 · Imagemagick +4

Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 6.9.12-22 ImageMagick versions prior to 7.1.0-7 Description: The issue is related to the handling of Postscript files in ImageMagick, where these files could be read and written even when excluded by a module...

7.8CVSS5.9AI score0.07508EPSS
Exploits7References110
redhatcve
redhatcve
added 2019/05/08 10:50 a.m.23 views

CVE-2019-11470

The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service uncontrolled resource consumption by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a...

7.1CVSS3.1AI score0.03643EPSS
Exploits1References3
nessus
nessus
added 2019/01/02 12:0 a.m.25 views

SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2018:2562-1)

This update for ImageMagick fixes the following issues : Security issue fixed : Disable PS, PS2, PS3, XPS and PDF coders in default policy.xml bsc1105592 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempte...

5.5AI score
Exploits0References2
nessus
nessus
added 2018/09/25 12:0 a.m.43 views

openSUSE Security Update : ImageMagick (openSUSE-2018-1038)

This update for ImageMagick fixes the following issues : The following security vulnerabilities were fixed : - CVE-2018-16329: Prevent NULL pointer dereference in the GetMagickProperty function leading to DoS bsc1106858 - CVE-2018-16323: ReadXBMImage left data uninitialized when processing an XBM...

9.8CVSS7AI score0.49324EPSS
Exploits7References13
opensuse
opensuse
added 2018/09/24 12:8 p.m.132 views

Security update for ImageMagick (moderate)

This update for ImageMagick fixes the following issues: The following security vulnerabilities were fixed: - CVE-2018-16329: Prevent NULL pointer dereference in the GetMagickProperty function leading to DoS bsc1106858 - CVE-2018-16323: ReadXBMImage left data uninitialized when processing an XBM...

4.3CVSS1.8AI score0.49324EPSS
Exploits7References7
nessus
nessus
added 2018/09/24 12:0 a.m.35 views

SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2018:2778-1)

This update for ImageMagick fixes the following issues : The following security vulnerabilities were fixed : CVE-2018-16329: Prevent NULL pointer dereference in the GetMagickProperty function leading to DoS bsc1106858 CVE-2018-16323: ReadXBMImage left data uninitialized when processing an XBM fil...

9.8CVSS7AI score0.49324EPSS
Exploits7References20
nessus
nessus
added 2018/09/04 12:0 a.m.23 views

openSUSE Security Update : ImageMagick (openSUSE-2018-954)

This update for ImageMagick fixes the following issues : Security issue fixed : - Disable PS, PS2, PS3, XPS and PDF coders in default policy.xml bsc1105592 This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive tex...

5.4AI score
Exploits0References1
hackerone
hackerone
added 2018/08/31 12:48 p.m.132 views

Semrush: Remote Code Execution on www.semrush.com/my_reports on Logo upload

The Logo upload in the report constructor at: https://www.semrush.com/myreports/constructor F340480 is passed through a not properly patched version of ImageMagick. You can use Postscript to get Ghostscript to run which in return allows to trigger arbitrary commands on the server, leading to Remo...

7.6AI score
Exploits0
osv
osv
added 2018/08/30 2:10 p.m.1 views

SUSE-SU-2018:2562-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: Security issue fixed: - Disable PS, PS2, PS3, XPS and PDF coders in default policy.xml bsc1105592...

7.1AI score
Exploits0References2
zdt
zdt
added 2018/08/23 12:0 a.m.33 views

Ghostscript - Multiple Vulnerabilities

Exploit for linux platform in category local exploits http://seclists.org/oss-sec/2018/q3/142 These are critical and trivial remote code execution bugs in things like ImageMagick, Evince, GIMP, and most other PDF/PS tools. ---- Hello, this was discussed on the distros list, but it was suggested t...

0.2AI score
Exploits0
cert
cert
added 2018/08/21 12:0 a.m.621 views

Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities

Overview Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities, which may allow a remote, unauthenticated attacker to execute arbitrary commands on a vulnerable system. Description Ghostscript contains an optional -dSAFER option, which is supposed to prevent unsafe PostScript...

9.3CVSS8.3AI score0.92499EPSS
Exploits4References23
ubuntucve
ubuntucve
added 2018/08/21 12:0 a.m.24 views

CVE-2018-15607

In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote...

7.1CVSS6.8AI score0.0519EPSS
Exploits1References3
osv
osv
added 2016/05/23 12:0 a.m.60 views

DLA-486-1 imagemagick - security update

Bulletin has no description...

10CVSS6.6AI score0.97485EPSS
Exploits13
nessus
nessus
added 2016/05/23 12:0 a.m.43 views

Debian DLA-486-1 : imagemagick security update (ImageTragick)

Nikolay Ermishkin from the Mail.Ru Security Team and Stewie discovered several vulnerabilities in ImageMagick, a program suite for image manipulation. These vulnerabilities, collectively known as ImageTragick, are the consequence of lack of sanitization of untrusted input. An attacker with contro...

10CVSS6.8AI score0.97485EPSS
Exploits13References7
nessus
nessus
added 2016/05/17 12:0 a.m.52 views

Debian DSA-3580-1 : imagemagick - security update (ImageTragick)

Nikolay Ermishkin from the Mail.Ru Security Team and Stewie discovered several vulnerabilities in ImageMagick, a program suite for image manipulation. These vulnerabilities, collectively known as ImageTragick, are the consequence of lack of sanitization of untrusted input. An attacker with contro...

10CVSS6.6AI score0.97485EPSS
Exploits13References13
openvas
openvas
added 2016/05/15 12:0 a.m.36 views

Debian: Security Advisory (DSA-3580-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.1AI score0.97485EPSS
Exploits13References5
f5
f5
added 2016/05/13 12:0 a.m.53 views

SOL29154575 - ImageMagick vulnerability CVE-2016-3717

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

10CVSS2.1AI score0.97485EPSS
Exploits13References9
f5
f5
added 2016/05/13 12:0 a.m.50 views

SOL25102203 - ImageMagick vulnerability CVE-2016-3716

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

10CVSS2.2AI score0.97485EPSS
Exploits13References9
nessus
nessus
added 2016/05/12 12:0 a.m.103 views

Amazon Linux AMI : ImageMagick (ALAS-2016-699) (ImageTragick)

It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities,...

10CVSS6.7AI score0.97485EPSS
Exploits13References6
Rows per page
Query Builder