dirk

9 exploits Active since Apr 2017
CVE-2016-7514 WRITEUP MEDIUM WRITEUP
Imagemagick < 7.0.1-0 - Out-of-Bounds Read
The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
CVSS 6.5
CVE-2016-7515 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.4-0 - Out-of-Bounds Read
The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels.
CVSS 6.5
CVE-2016-7521 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.4-0 - Out-of-Bounds Read
Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
CVSS 6.5
CVE-2016-7522 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.4-0 - Out-of-Bounds Read
The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
CVSS 6.5
CVE-2016-7525 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.4-0 - Out-of-Bounds Read
Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
CVSS 6.5
CVE-2016-7526 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.4-0 - Out-of-Bounds Write
coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
CVSS 6.5
CVE-2016-7532 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.4-0 - Out-of-Bounds Read
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
CVSS 6.5
CVE-2016-7536 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.4-0 - Improper Input Validation
magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted profile.
CVSS 6.5
CVE-2025-65955 WRITEUP MEDIUM WRITEUP
ImageMagick <7.1.2-9 & 6.9.13-34 - Memory Corruption
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family calls RelinquishMagickMemory on _drawInfo->font, freeing the font string but leaving _drawInfo->font pointing to freed memory while _drawInfo->family is set to that (now-invalid) pointer. Any later cleanup or reuse of _drawInfo->font re-frees or dereferences dangling memory. DestroyDrawInfo and other setters (Options::font, Image::font) assume _drawInfo->font remains valid, so destruction or subsequent updates trigger crashes or heap corruption. This vulnerability is fixed in 7.1.2-9 and 6.9.13-34.
CVSS 4.9