In GraphicsMagick, a heap buffer overflow was found when parsing MIFF.
Max CVSS
7.8
EPSS Score
0.06%
Published
2022-09-28
Updated
2023-02-01
Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format.
Max CVSS
5.5
EPSS Score
0.13%
Published
2023-08-22
Updated
2023-08-25
GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.
Max CVSS
7.5
EPSS Score
0.26%
Published
2020-05-06
Updated
2022-11-14
GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.
Max CVSS
9.8
EPSS Score
0.22%
Published
2020-03-24
Updated
2022-01-01
In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.
Max CVSS
9.1
EPSS Score
0.31%
Published
2019-12-24
Updated
2022-10-31
In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.
Max CVSS
9.8
EPSS Score
1.22%
Published
2019-12-24
Updated
2022-10-31
In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.
Max CVSS
9.8
EPSS Score
0.72%
Published
2019-12-24
Updated
2022-10-31
In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG.
Max CVSS
6.5
EPSS Score
3.65%
Published
2020-03-18
Updated
2022-03-31
In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to ExportRedQuantumType in magick/export.c.
Max CVSS
8.8
EPSS Score
0.40%
Published
2019-04-24
Updated
2023-03-01
In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c.
Max CVSS
8.8
EPSS Score
0.35%
Published
2019-04-24
Updated
2023-03-01
coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.
Max CVSS
6.5
EPSS Score
0.58%
Published
2019-04-23
Updated
2023-03-01
coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (out-of-bounds read and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.
Max CVSS
6.5
EPSS Score
0.41%
Published
2019-04-23
Updated
2019-05-23
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file.
Max CVSS
6.5
EPSS Score
0.37%
Published
2019-04-08
Updated
2020-08-24
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file.
Max CVSS
8.1
EPSS Score
0.28%
Published
2019-04-08
Updated
2019-05-23
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.
Max CVSS
8.8
EPSS Score
1.02%
Published
2019-04-08
Updated
2023-03-01
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap.
Max CVSS
8.1
EPSS Score
0.81%
Published
2019-04-08
Updated
2023-03-01
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet.
Max CVSS
9.1
EPSS Score
0.32%
Published
2019-04-08
Updated
2020-08-24
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value.
Max CVSS
9.8
EPSS Score
2.77%
Published
2019-04-08
Updated
2020-08-24
In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.
Max CVSS
7.5
EPSS Score
0.48%
Published
2019-02-05
Updated
2021-04-28
In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization.
Max CVSS
6.5
EPSS Score
0.20%
Published
2018-12-17
Updated
2019-12-03
In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits.
Max CVSS
5.3
EPSS Score
0.29%
Published
2018-12-17
Updated
2020-08-18
In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification.
Max CVSS
6.5
EPSS Score
0.62%
Published
2018-12-17
Updated
2020-08-24
There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31.
Max CVSS
6.5
EPSS Score
0.21%
Published
2018-10-21
Updated
2019-10-03
In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.
Max CVSS
6.5
EPSS Score
0.45%
Published
2018-03-25
Updated
2020-01-12
The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used.
Max CVSS
8.8
EPSS Score
1.15%
Published
2018-02-07
Updated
2019-06-30
118 vulnerabilities found
1 2 3 4 5
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!