ReportizFlow
Filtered by vendor Graphicsmagick
Subscriptions
Total
120 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-14042 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | N/A |
| A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of service in the MagickRealloc function in magick/memory.c. | ||||
| CVE-2016-7996 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | N/A |
| Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries. | ||||
| CVE-2016-7997 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | N/A |
| The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer. | ||||
| CVE-2017-14103 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | N/A |
| The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain error conditions, which allows remote attackers to conduct use-after-free attacks via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-11403. | ||||
| CVE-2017-6335 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | N/A |
| The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file. | ||||
| CVE-2017-17783 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2025-04-20 | N/A |
| In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage in coders/palm.c when QuantumDepth is 8. | ||||
| CVE-2017-10794 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | N/A |
| When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode. | ||||
| CVE-2017-10799 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | N/A |
| When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage(). | ||||
| CVE-2017-11139 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2025-04-20 | N/A |
| GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c. | ||||
| CVE-2017-11637 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | N/A |
| GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images. | ||||
| CVE-2017-11643 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | N/A |
| GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() function in coders/cmyk.c when processing multiple frames that have non-identical widths. | ||||
| CVE-2017-17498 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | N/A |
| WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. | ||||
| CVE-2017-17501 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2025-04-20 | N/A |
| WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file. | ||||
| CVE-2017-9098 | 3 Debian, Graphicsmagick, Imagemagick | 3 Debian Linux, Graphicsmagick, Imagemagick | 2025-04-20 | 7.5 High |
| ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c. | ||||
| CVE-2017-16545 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | N/A |
| The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via a malformed WPG image. | ||||
| CVE-2015-8808 | 3 Fedoraproject, Graphicsmagick, Suse | 5 Fedora, Graphicsmagick, Linux Enterprise Debuginfo and 2 more | 2025-04-12 | N/A |
| The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file. | ||||
| CVE-2016-5118 | 8 Canonical, Debian, Graphicsmagick and 5 more | 15 Ubuntu Linux, Debian Linux, Graphicsmagick and 12 more | 2025-04-12 | 9.8 Critical |
| The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename. | ||||
| CVE-2012-3438 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-11 | N/A |
| The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation. | ||||
| CVE-2013-4589 | 3 Fedoraproject, Graphicsmagick, Novell | 5 Fedora, Graphicsmagick, Suse Linux Enterprise Debuginfo and 2 more | 2025-04-11 | N/A |
| The ExportAlphaQuantumType function in export.c in GraphicsMagick before 1.3.18 might allow remote attackers to cause a denial of service (crash) via vectors related to exporting the alpha of an 8-bit RGBA image. | ||||
| CVE-2008-6621 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-09 | N/A |
| Unspecified vulnerability in GraphicsMagick before 1.2.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors in DPX images. NOTE: some of these details are obtained from third party information. | ||||