Filtered by vendor Graphicsmagick Subscriptions
Total 118 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-6799 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-11-21 N/A
The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used.
CVE-2018-5685 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-11-21 N/A
In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value.
CVE-2018-5360 2 Graphicsmagick, Libtiff 2 Graphicsmagick, Libtiff 2024-11-21 N/A
LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27.
CVE-2018-20189 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-11-21 N/A
In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization.
CVE-2018-20185 3 Canonical, Debian, Graphicsmagick 3 Ubuntu Linux, Debian Linux, Graphicsmagick 2024-11-21 5.3 Medium
In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits.
CVE-2018-20184 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-11-21 N/A
In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification.
CVE-2018-18544 4 Graphicsmagick, Imagemagick, Opensuse and 1 more 4 Graphicsmagick, Imagemagick, Leap and 1 more 2024-11-21 N/A
There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31.
CVE-2017-9098 3 Debian, Graphicsmagick, Imagemagick 3 Debian Linux, Graphicsmagick, Imagemagick 2024-11-21 7.5 High
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c.
CVE-2017-6335 1 Graphicsmagick 1 Graphicsmagick 2024-11-21 N/A
The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file.
CVE-2017-18231 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-11-21 N/A
An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadEnhMetaFile in coders/emf.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-18230 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-11-21 N/A
An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadCINEONImage in coders/cineon.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-18229 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-11-21 N/A
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allows attackers to cause a denial of service via a crafted file, because file size is not properly used to restrict scanline, strip, and tile allocations.
CVE-2017-18220 1 Graphicsmagick 1 Graphicsmagick 2024-11-21 N/A
The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 allow remote attackers to cause a denial of service (magick/blob.c CloseBlob use-after-free) or possibly have unspecified other impact via a crafted file, a related issue to CVE-2017-11403.
CVE-2017-18219 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-11-21 N/A
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a large png_pixels array allocation.
CVE-2017-17915 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-11-21 N/A
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached.
CVE-2017-17913 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-11-21 N/A
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type.
CVE-2017-17912 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-11-21 N/A
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region.
CVE-2017-17783 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-11-21 N/A
In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage in coders/palm.c when QuantumDepth is 8.
CVE-2017-17782 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-11-21 N/A
In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ReadOneJNGImage in coders/png.c, related to oFFs chunk allocation.
CVE-2017-17503 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-11-21 N/A
ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file.