Filtered by vendor Graphicsmagick Subscriptions
Total 118 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2017-11643 1 Graphicsmagick 1 Graphicsmagick 2024-08-05 N/A
GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() function in coders/cmyk.c when processing multiple frames that have non-identical widths.
CVE-2017-11642 1 Graphicsmagick 1 Graphicsmagick 2024-08-05 N/A
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638.
CVE-2017-11637 1 Graphicsmagick 1 Graphicsmagick 2024-08-05 N/A
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images.
CVE-2017-11403 1 Graphicsmagick 1 Graphicsmagick 2024-08-05 N/A
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file.
CVE-2017-11139 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-08-05 N/A
GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c.
CVE-2017-11140 1 Graphicsmagick 1 Graphicsmagick 2024-08-05 N/A
The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files.
CVE-2017-11102 1 Graphicsmagick 1 Graphicsmagick 2024-08-05 N/A
The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (application crash) during JNG reading via a zero-length color_image data structure.
CVE-2017-10799 1 Graphicsmagick 1 Graphicsmagick 2024-08-05 N/A
When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage().
CVE-2017-10800 1 Graphicsmagick 1 Graphicsmagick 2024-08-05 N/A
When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data.
CVE-2017-10794 1 Graphicsmagick 1 Graphicsmagick 2024-08-05 N/A
When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode.
CVE-2017-9098 3 Debian, Graphicsmagick, Imagemagick 3 Debian Linux, Graphicsmagick, Imagemagick 2024-08-05 7.5 High
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c.
CVE-2017-6335 1 Graphicsmagick 1 Graphicsmagick 2024-08-05 N/A
The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file.
CVE-2018-20184 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-08-05 N/A
In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification.
CVE-2018-20189 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-08-05 N/A
In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization.
CVE-2018-20185 3 Canonical, Debian, Graphicsmagick 3 Ubuntu Linux, Debian Linux, Graphicsmagick 2024-08-05 5.3 Medium
In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits.
CVE-2018-18544 4 Graphicsmagick, Imagemagick, Opensuse and 1 more 4 Graphicsmagick, Imagemagick, Leap and 1 more 2024-08-05 N/A
There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31.
CVE-2018-9018 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-08-05 N/A
In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.
CVE-2018-6799 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-08-05 N/A
The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used.
CVE-2018-5685 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-08-05 N/A
In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value.
CVE-2018-5360 2 Graphicsmagick, Libtiff 2 Graphicsmagick, Libtiff 2024-08-05 N/A
LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27.