Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Imagemagick Security Vulnerabilities

cve
cve

CVE-2019-10650

In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file.

8.1CVSS

6.4AI Score

0.008EPSS

2019-03-30 02:29 PM
206
cve
cve

CVE-2019-10714

LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV.

6.5CVSS

6.3AI Score

0.004EPSS

2019-04-02 09:29 PM
36
cve
cve

CVE-2019-11470

The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a...

6.5CVSS

6.9AI Score

0.021EPSS

2019-04-23 02:29 PM
212
cve
cve

CVE-2019-11472

ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.

6.5CVSS

7AI Score

0.02EPSS

2019-04-23 02:29 PM
229
cve
cve

CVE-2019-11597

In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.

8.1CVSS

7.3AI Score

0.049EPSS

2019-04-29 04:29 PM
235
cve
cve

CVE-2019-11598

In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.

8.1CVSS

7.2AI Score

0.029EPSS

2019-04-29 04:29 PM
217
cve
cve

CVE-2019-12974

A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.

5.5CVSS

6.2AI Score

0.004EPSS

2019-06-26 06:15 PM
190
cve
cve

CVE-2019-12975

ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.

5.5CVSS

6.7AI Score

0.001EPSS

2019-06-26 06:15 PM
202
cve
cve

CVE-2019-12976

ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.

5.5CVSS

6.5AI Score

0.001EPSS

2019-06-26 06:15 PM
197
cve
cve

CVE-2019-12977

ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c.

7.8CVSS

7.8AI Score

0.004EPSS

2019-06-26 06:15 PM
142
cve
cve

CVE-2019-12978

ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c.

7.8CVSS

7.9AI Score

0.004EPSS

2019-06-26 06:15 PM
193
cve
cve

CVE-2019-12979

ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.

7.8CVSS

7.8AI Score

0.003EPSS

2019-06-26 06:15 PM
209
cve
cve

CVE-2019-13133

ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c.

5.5CVSS

6.7AI Score

0.001EPSS

2019-07-01 08:15 PM
230
4
cve
cve

CVE-2019-13134

ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c.

5.5CVSS

6.7AI Score

0.001EPSS

2019-07-01 08:15 PM
240
2
cve
cve

CVE-2019-13135

ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.

8.8CVSS

8.4AI Score

0.008EPSS

2019-07-01 08:15 PM
240
4
cve
cve

CVE-2019-13136

ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c.

7.8CVSS

8AI Score

0.003EPSS

2019-07-01 08:15 PM
169
cve
cve

CVE-2019-13137

ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.

6.5CVSS

7AI Score

0.005EPSS

2019-07-01 08:15 PM
221
3
cve
cve

CVE-2019-13295

ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.

8.8CVSS

8.5AI Score

0.004EPSS

2019-07-05 01:15 AM
290
cve
cve

CVE-2019-13296

ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value.

6.5CVSS

7.1AI Score

0.002EPSS

2019-07-05 01:15 AM
229
cve
cve

CVE-2019-13297

ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.

8.8CVSS

8.5AI Score

0.004EPSS

2019-07-05 01:15 AM
307
cve
cve

CVE-2019-13298

ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error.

8.8CVSS

8.6AI Score

0.002EPSS

2019-07-05 01:15 AM
235
cve
cve

CVE-2019-13299

ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel.

8.8CVSS

8.5AI Score

0.003EPSS

2019-07-05 01:15 AM
227
cve
cve

CVE-2019-13300

ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.

8.8CVSS

8.6AI Score

0.006EPSS

2019-07-05 01:15 AM
300
cve
cve

CVE-2019-13301

ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.

6.5CVSS

7.1AI Score

0.005EPSS

2019-07-05 01:15 AM
290
cve
cve

CVE-2019-13302

ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/fourier.c in ComplexImages.

8.8CVSS

8.5AI Score

0.003EPSS

2019-07-05 01:15 AM
227
cve
cve

CVE-2019-13303

ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/composite.c in CompositeImage.

8.8CVSS

8.5AI Score

0.005EPSS

2019-07-05 01:15 AM
233
cve
cve

CVE-2019-13304

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.

7.8CVSS

8.2AI Score

0.001EPSS

2019-07-05 01:15 AM
302
cve
cve

CVE-2019-13305

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.

7.8CVSS

8.2AI Score

0.001EPSS

2019-07-05 01:15 AM
286
cve
cve

CVE-2019-13306

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.

7.8CVSS

8.1AI Score

0.001EPSS

2019-07-05 01:15 AM
290
cve
cve

CVE-2019-13307

ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.

7.8CVSS

8.1AI Score

0.001EPSS

2019-07-05 01:15 AM
284
cve
cve

CVE-2019-13308

ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.

8.8CVSS

8.6AI Score

0.006EPSS

2019-07-05 01:15 AM
241
cve
cve

CVE-2019-13309

ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.

6.5CVSS

7.1AI Score

0.005EPSS

2019-07-05 01:15 AM
297
cve
cve

CVE-2019-13310

ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.

6.5CVSS

7.1AI Score

0.004EPSS

2019-07-05 01:15 AM
290
cve
cve

CVE-2019-13311

ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.

6.5CVSS

7.1AI Score

0.003EPSS

2019-07-05 01:15 AM
288
cve
cve

CVE-2019-13391

In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.

8.8CVSS

8.4AI Score

0.012EPSS

2019-07-07 10:15 PM
143
cve
cve

CVE-2019-13454

ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.

6.5CVSS

7.1AI Score

0.005EPSS

2019-07-09 05:15 PM
264
cve
cve

CVE-2019-14980

In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file.

6.5CVSS

7.2AI Score

0.007EPSS

2019-08-12 11:15 PM
225
cve
cve

CVE-2019-14981

In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.

6.5CVSS

7.2AI Score

0.019EPSS

2019-08-12 11:15 PM
233
cve
cve

CVE-2019-15139

The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability ...

6.5CVSS

7.2AI Score

0.02EPSS

2019-08-18 07:15 PM
209
cve
cve

CVE-2019-15140

coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.

8.8CVSS

8.1AI Score

0.033EPSS

2019-08-18 07:15 PM
219
cve
cve

CVE-2019-15141

WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirector...

6.5CVSS

6.9AI Score

0.049EPSS

2019-08-18 07:15 PM
216
cve
cve

CVE-2019-16708

ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.

6.5CVSS

7.4AI Score

0.002EPSS

2019-09-23 12:15 PM
210
cve
cve

CVE-2019-16709

ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.

6.5CVSS

7AI Score

0.004EPSS

2019-09-23 12:15 PM
204
cve
cve

CVE-2019-16710

ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.

6.5CVSS

7.5AI Score

0.002EPSS

2019-09-23 12:15 PM
209
cve
cve

CVE-2019-16711

ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.

6.5CVSS

7.5AI Score

0.002EPSS

2019-09-23 12:15 PM
198
cve
cve

CVE-2019-16712

ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.

6.5CVSS

7.5AI Score

0.001EPSS

2019-09-23 12:15 PM
203
cve
cve

CVE-2019-16713

ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.

6.5CVSS

7.5AI Score

0.002EPSS

2019-09-23 12:15 PM
211
cve
cve

CVE-2019-17540

ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.

8.8CVSS

9.2AI Score

0.002EPSS

2019-10-14 02:15 AM
187
2
cve
cve

CVE-2019-17541

ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.

8.8CVSS

8.9AI Score

0.004EPSS

2019-10-14 02:15 AM
201
cve
cve

CVE-2019-17547

In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free.

8.8CVSS

8.5AI Score

0.003EPSS

2019-10-14 02:15 AM
127
Total number of security vulnerabilities646