Filtered by vendor Graphicsmagick
Subscriptions
Filtered by product Graphicsmagick
Subscriptions
Total
118 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-17782 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2025-04-20 | N/A |
In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ReadOneJNGImage in coders/png.c, related to oFFs chunk allocation. | ||||
CVE-2017-17912 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2025-04-20 | N/A |
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region. | ||||
CVE-2017-17913 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2025-04-20 | N/A |
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type. | ||||
CVE-2017-17915 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2025-04-20 | N/A |
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached. | ||||
CVE-2017-6335 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | N/A |
The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file. | ||||
CVE-2016-2318 | 4 Debian, Graphicsmagick, Opensuse and 1 more | 7 Debian Linux, Graphicsmagick, Leap and 4 more | 2025-04-20 | N/A |
GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c. | ||||
CVE-2016-5241 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Leap and 1 more | 2025-04-20 | N/A |
magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file. | ||||
CVE-2017-13065 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2025-04-20 | N/A |
GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c. | ||||
CVE-2017-13066 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | N/A |
GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c. | ||||
CVE-2017-14042 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | N/A |
A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of service in the MagickRealloc function in magick/memory.c. | ||||
CVE-2016-7448 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Leap and 1 more | 2025-04-20 | N/A |
The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size. | ||||
CVE-2016-7449 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Leap and 1 more | 2025-04-20 | N/A |
The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string. | ||||
CVE-2017-14103 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | N/A |
The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain error conditions, which allows remote attackers to conduct use-after-free attacks via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-11403. | ||||
CVE-2017-11102 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | N/A |
The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (application crash) during JNG reading via a zero-length color_image data structure. | ||||
CVE-2017-13737 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2025-04-20 | N/A |
There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack. | ||||
CVE-2017-13775 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2025-04-20 | N/A |
GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the requests. | ||||
CVE-2017-13776 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2025-04-20 | N/A |
GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it. | ||||
CVE-2017-13777 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2025-04-20 | N/A |
GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version==10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it. | ||||
CVE-2016-9830 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Leap and 1 more | 2025-04-20 | N/A |
The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image. | ||||
CVE-2017-11403 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | N/A |
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file. |