Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017551)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017551 advisory. The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory in routine WritePALMImage because it needs to be offset by 256. This can cause a...

5.5CVSS6.3AI score0.01016EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-20262

Malware in sbrugna...

4.3CVSS6.4AI score0.01124EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.2 views

SUSE CVE-2020-27758

A flaw was found in ImageMagick in coders/txt.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long long. This would most likely lead to an impact to application availability, but...

5.3CVSS6.3AI score0.01124EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.4 views

SUSE CVE-2020-27762

A flaw was found in ImageMagick in coders/hdr.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application availability, but could...

5.3CVSS6.3AI score0.01091EPSS
Exploits0References8
CNVD
CNVD
added 2020/12/15 12:0 a.m.10 views

Imagemagick Studio ImageMagick Input Validation Error Vulnerability (CNVD-2021-23800)

Imagemagick Studio ImageMagick is a suite of open source image processing software from ImageMagick Studio Imagemagick Studio, an American company. The software can read, convert or write images in many formats. A security vulnerability exists in ImageMagick versions prior to 7.0.8-68, which stem...

4.3CVSS6.4AI score0.01072EPSS
Exploits1References1
NVD
NVD
added 2020/12/08 10:15 p.m.19 views

CVE-2020-27750

A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char and math division by zero. This would...

5.5CVSS5.6AI score0.00982EPSS
Exploits1References3
Prion
Prion
added 2020/12/08 10:15 p.m.20 views

Design/Logic Flaw

A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char and math division by zero. This would...

4.3CVSS5.3AI score0.00982EPSS
Exploits1References3Affected Software2
Prion
Prion
added 2020/12/08 10:15 p.m.20 views

Design/Logic Flaw

A flaw was found in ImageMagick in coders/txt.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long long. This would most likely lead to an impact to application availability, but...

4.3CVSS3.4AI score0.01124EPSS
Exploits1References3Affected Software2
Prion
Prion
added 2020/12/08 10:15 p.m.23 views

Design/Logic Flaw

A floating point math calculation in ScaleAnyToQuantum of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long. The flaw could be triggered by a crafted input file under certain conditions when it is processed by...

4.3CVSS3.5AI score0.01072EPSS
Exploits1References3Affected Software2
OSV
OSV
added 2020/12/08 10:15 p.m.4 views

UBUNTU-CVE-2020-25674

WriteOnePNGImage from coders/png.c the PNG coder has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times,...

5.5CVSS6.8AI score0.01016EPSS
Exploits1References5
CNNVD
CNNVD
added 2020/12/08 12:0 a.m.8 views

ImageMagick Studio ImageMagick 输入验证错误漏洞

Imagemagick Studio ImageMagick is a suite of open source image processing software from ImageMagick Studio Imagemagick Studio, an American company. The software can read, convert or write images in many formats. A security vulnerability exists in ImageMagick versions prior to 7.0.8-68, which stem...

4.3CVSS6.8AI score0.01072EPSS
Exploits1References10
Debian CVE
Debian CVE
added 2020/12/08 12:0 a.m.37 views

CVE-2020-25674

WriteOnePNGImage from coders/png.c the PNG coder has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times,...

5.5CVSS6.1AI score0.01016EPSS
Exploits1
Prion
Prion
added 2020/12/04 3:15 p.m.23 views

Design/Logic Flaw

Due to a missing check for 0 value of replaceextent, it is possible for offset p to overflow in SubstituteString, causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to...

4.3CVSS5.6AI score0.01133EPSS
Exploits1References3Affected Software2
Cvelist
Cvelist
added 2020/12/04 12:0 a.m.32 views

CVE-2020-27770

Due to a missing check for 0 value of replaceextent, it is possible for offset p to overflow in SubstituteString, causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to...

6.1AI score0.01133EPSS
Exploits1References3
Prion
Prion
added 2020/12/03 5:15 p.m.20 views

Design/Logic Flaw

In IntensityCompare of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type int to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by ImageMagick. Red Hat...

4.3CVSS3.5AI score0.01126EPSS
Exploits0References3Affected Software2
Prion
Prion
added 2020/12/03 5:15 p.m.23 views

Design/Logic Flaw

A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause...

4.3CVSS3.4AI score0.00914EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2020/12/03 5:15 p.m.2 views

UBUNTU-CVE-2020-27760

In GammaImage of /MagickCore/enhance.c, depending on the gamma value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch uses the PerceptibleReciprocal to prevent the...

5.5CVSS6.8AI score0.01365EPSS
Exploits0References5
OSV
OSV
added 2020/12/03 5:15 p.m.3 views

UBUNTU-CVE-2020-27759

In IntensityCompare of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type int to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by ImageMagick. Red Hat...

3.3CVSS6.7AI score0.01126EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2019/11/14 12:0 a.m.17 views

ImageMagick < 7.0.9-0 Denial of Service (DoS) Vulnerability - Mac OS X

ImageMagick is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.3AI score0.01467EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2019/10/05 12:0 a.m.14 views

PT-2019-5838 · Imagemagick +5 · Imagemagick +5

Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.0.8-68 Description: The issue is related to a missing check for a 0 value of replace extent in the SubstituteString function, which can cause an offset p to overflow. This could be triggered by a crafted input...

9.8CVSS6.7AI score0.89855EPSS
Exploits78References375
Rows per page
Query Builder