Lucene search
K

35 matches found

CVE
CVE
added 2017/12/26 8:0 p.m.103 views

CVE-2017-17913

CVE-2017-17913 affects GraphicsMagick, specifically a stack-based buffer over-read in WriteWEBPImage (coders/webp.c) caused by incompatibility with libwebp versions 0.5.0 and later. The description in the initial document notes GraphicsMagick 1.4 snapshot-20171217 Q8 as affected. Connected docume...

8.8CVSS9AI score0.01606EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2017/12/25 12:0 a.m.3 views

ImageMagick Stack Buffer Overflow Vulnerability

ImageMagick is a software for creating, editing, and compositing images that can read, convert, and write images in many formats. A stack buffer overflow vulnerability exists in WriteWEBPImage in coders/webp.c in ImageMagick version 7.0.7-16 Q16 x8664 2017-12-21. An attacker can exploit this...

8.8CVSS7.2AI score0.01302EPSS
Exploits0References1
CVE
CVE
added 2017/12/24 4:0 a.m.67 views

CVE-2017-17880

CVE-2017-17880 refers to ImageMagick 7.0.7-16 Q16 x86_64 where a stack-based buffer over-read occurs in the WriteWEBPImage path (coders/webp.c) due to a WEBP_DECODER_ABI_VERSION check. The connected Nessus entry for CVE-2017-17880 shows the issue as unpatched in some Linux distros (vendor patch n...

8.8CVSS8.5AI score0.01302EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2017/12/24 4:0 a.m.51 views

CVE-2017-17880

In ImageMagick 7.0.7-16 Q16 x8664 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBPDECODERABIVERSION check...

8.8CVSS7.4AI score0.01302EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2017/09/05 12:18 p.m.23 views

CVE-2017-14138

ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors...

9.8CVSS4.1AI score0.02056EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2017/09/05 12:18 p.m.24 views

CVE-2017-14137

ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header...

7.5CVSS1.7AI score0.01162EPSS
Exploits0References1
OSV
OSV
added 2017/09/04 11:29 p.m.21 views

CVE-2017-14138

ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors...

9.8CVSS6.5AI score
Exploits0References2
Prion
Prion
added 2017/09/04 11:29 p.m.18 views

Memory corruption

ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors...

7.5CVSS9.2AI score0.02056EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2017/09/04 11:0 p.m.67 views

CVE-2017-14137

CVE-2017-14137 affects ImageMagick 7.0.6-5, where ReadWEBPImage (coders/webp.c) allocates memory based solely on a header length field, causing excessive memory allocation. This can lead to memory exhaustion/DoS. The incident is documented with this exact technical detail; no fix/version or remed...

7.5CVSS7.4AI score0.01162EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2017/09/04 11:0 p.m.52 views

CVE-2017-14138

ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors...

9.8CVSS9.3AI score0.02056EPSS
Exploits1
Prion
Prion
added 2017/06/28 6:29 a.m.16 views

Heap overflow

libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pixfmt is set, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecifie...

6.8CVSS8.3AI score0.01845EPSS
Exploits0References5Affected Software2
NVD
NVD
added 2017/06/28 6:29 a.m.21 views

CVE-2017-9994

libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pixfmt is set, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecifie...

7.8CVSS8.2AI score0.01845EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2017/06/28 6:29 a.m.20 views

CVE-2017-9994

libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pixfmt is set, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecifie...

7.8CVSS7.3AI score0.01845EPSS
Exploits0References4
OSV
OSV
added 2017/06/28 6:29 a.m.22 views

CVE-2017-9994

libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pixfmt is set, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecifie...

7.8CVSS8AI score
Exploits0References5
Cvelist
Cvelist
added 2017/06/28 6:0 a.m.30 views

CVE-2017-9994

libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pixfmt is set, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecifie...

7.5AI score0.01845EPSS
Exploits0References5
Rows per page
Query Builder