Cristy

175 exploits Active since Dec 2016
CVE-2017-9144 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.5-5 - Memory Corruption
In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c.
CVSS 6.5
CVE-2018-16640 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.8-5 - Memory Corruption
ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c.
CVSS 6.5
CVE-2018-16642 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.7-37 - DoS
The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write.
CVSS 6.5
CVE-2018-16643 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.8-4 - DoS
The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file.
CVSS 6.5
CVE-2018-16644 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.8-11 - DoS
There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.
CVSS 6.5
CVE-2018-16645 WRITEUP MEDIUM WRITEUP
ImageMagick <7.0.8-11 - Memory Corruption
There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image file.
CVSS 6.5
CVE-2018-16749 WRITEUP MEDIUM WRITEUP
ImageMagick <7.0.7-29 - DoS
In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file.
CVSS 6.5
CVE-2018-20467 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.10-16 - Infinite Loop
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.
CVSS 6.5
CVE-2019-10131 WRITEUP HIGH WRITEUP
ImageMagick <7.0.7-28 - Info Disclosure
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program.
CVSS 7.1
CVE-2019-10714 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.10-32 - Out-of-Bounds Read
LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV.
CVSS 6.5
CVE-2019-11470 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.8-26 Q16 - DoS
The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.
CVSS 6.5
CVE-2019-11472 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.8-41 - DoS
ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.
CVSS 6.5
CVE-2019-13133 WRITEUP MEDIUM WRITEUP
Imagemagick < 7.0.8-50 - Memory Leak
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c.
CVSS 5.5
CVE-2019-13134 WRITEUP MEDIUM WRITEUP
Imagemagick < 7.0.8-50 - Memory Leak
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c.
CVSS 5.5
CVE-2019-13135 WRITEUP HIGH WRITEUP
Imagemagick < 6.9.10-50 - Use of Uninitialized Resource
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.
CVSS 8.8
CVE-2019-13135 WRITEUP HIGH WRITEUP
Imagemagick < 6.9.10-50 - Use of Uninitialized Resource
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.
CVSS 8.8
CVE-2019-13136 WRITEUP HIGH WRITEUP
Imagemagick < 7.0.8-50 - Integer Overflow
ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c.
CVSS 7.8
CVE-2019-13137 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.10-50 - Memory Leak
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.
CVSS 6.5
CVE-2019-13137 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.10-50 - Memory Leak
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.
CVSS 6.5
CVE-2019-13295 WRITEUP HIGH WRITEUP
Imagemagick - Out-of-Bounds Read
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.
CVSS 8.8
CVE-2019-13295 WRITEUP HIGH WRITEUP
Imagemagick - Out-of-Bounds Read
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.
CVSS 8.8
CVE-2019-13296 WRITEUP MEDIUM WRITEUP
Imagemagick - Memory Leak
ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value.
CVSS 6.5
CVE-2019-13297 WRITEUP HIGH WRITEUP
Imagemagick - Out-of-Bounds Read
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.
CVSS 8.8
CVE-2019-13297 WRITEUP HIGH WRITEUP
Imagemagick - Out-of-Bounds Read
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.
CVSS 8.8
CVE-2019-13298 WRITEUP HIGH WRITEUP
Imagemagick - Out-of-Bounds Write
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error.
CVSS 8.8