21 matches found
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017551)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017551 advisory. The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory in routine WritePALMImage because it needs to be offset by 256. This can cause a...
EUVD-2020-20262
Malware in sbrugna...
SUSE CVE-2020-27758
A flaw was found in ImageMagick in coders/txt.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long long. This would most likely lead to an impact to application availability, but...
SUSE CVE-2020-27762
A flaw was found in ImageMagick in coders/hdr.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application availability, but could...
Imagemagick Studio ImageMagick Input Validation Error Vulnerability (CNVD-2021-23800)
Imagemagick Studio ImageMagick is a suite of open source image processing software from ImageMagick Studio Imagemagick Studio, an American company. The software can read, convert or write images in many formats. A security vulnerability exists in ImageMagick versions prior to 7.0.8-68, which stem...
CVE-2020-27750
A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char and math division by zero. This would...
Design/Logic Flaw
A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char and math division by zero. This would...
Design/Logic Flaw
A flaw was found in ImageMagick in coders/txt.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long long. This would most likely lead to an impact to application availability, but...
Design/Logic Flaw
A floating point math calculation in ScaleAnyToQuantum of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long. The flaw could be triggered by a crafted input file under certain conditions when it is processed by...
UBUNTU-CVE-2020-25674
WriteOnePNGImage from coders/png.c the PNG coder has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times,...
ImageMagick Studio ImageMagick 输入验证错误漏洞
Imagemagick Studio ImageMagick is a suite of open source image processing software from ImageMagick Studio Imagemagick Studio, an American company. The software can read, convert or write images in many formats. A security vulnerability exists in ImageMagick versions prior to 7.0.8-68, which stem...
CVE-2020-25674
WriteOnePNGImage from coders/png.c the PNG coder has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times,...
Design/Logic Flaw
Due to a missing check for 0 value of replaceextent, it is possible for offset p to overflow in SubstituteString, causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to...
CVE-2020-27770
Due to a missing check for 0 value of replaceextent, it is possible for offset p to overflow in SubstituteString, causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to...
Design/Logic Flaw
In IntensityCompare of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type int to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by ImageMagick. Red Hat...
Design/Logic Flaw
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause...
UBUNTU-CVE-2020-27760
In GammaImage of /MagickCore/enhance.c, depending on the gamma value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch uses the PerceptibleReciprocal to prevent the...
UBUNTU-CVE-2020-27759
In IntensityCompare of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type int to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by ImageMagick. Red Hat...
ImageMagick < 7.0.9-0 Denial of Service (DoS) Vulnerability - Mac OS X
ImageMagick is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2019-5838 · Imagemagick +5 · Imagemagick +5
Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.0.8-68 Description: The issue is related to a missing check for a 0 value of replace extent in the SubstituteString function, which can cause an offset p to overflow. This could be triggered by a crafted input...