Writeup Exploits

62,792 exploits tracked across all sources.

Sort: Activity Stars
CVE-2019-16708 WRITEUP MEDIUM
ImageMagick 7.0.8-35 - Memory Corruption
ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.
CVSS 6.5
CVE-2019-15141 WRITEUP MEDIUM
ImageMagick 7.0.8-43 Q16 - Denial of Service via Crafted TIFF Image File
WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597.
CVSS 6.5
CVE-2019-15140 WRITEUP HIGH
ImageMagick 7.0.8-43 Q16 - Use-After-Free in Matlab Image File Handling
coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.
CVSS 8.8
CVE-2019-15139 WRITEUP MEDIUM
ImageMagick 7.0.8-41 Q16 - Denial of Service via Corrupted XWD Image File
The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.
CVSS 6.5
CVE-2019-14981 WRITEUP MEDIUM
ImageMagick 6.x < 6.9.10-41 and 7.x < 7.0.8-41 - Denial of Service via MeanShiftImage Function
In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.
CVSS 6.5
CVE-2019-14980 WRITEUP MEDIUM
ImageMagick 6.0-6.9.10-41 and 7.x < 7.0.8-42 - Use-After-Free in UnmapBlob
In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file.
CVSS 6.5
CVE-2019-14980 WRITEUP MEDIUM
ImageMagick 6.0-6.9.10-41 and 7.x < 7.0.8-42 - Use-After-Free in UnmapBlob
In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file.
CVSS 6.5
CVE-2019-13454 WRITEUP MEDIUM
ImageMagick 7.0.1-0-7.0.8-54 - Division by Zero in RemoveDuplicateLayers
ImageMagick 7.0.1-0 to 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.
CVSS 6.5
CVE-2019-13454 WRITEUP MEDIUM
ImageMagick 7.0.1-0-7.0.8-54 - Division by Zero in RemoveDuplicateLayers
ImageMagick 7.0.1-0 to 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.
CVSS 6.5
CVE-2019-13391 WRITEUP HIGH
ImageMagick 7.0.8-50 Q16 - Heap-Based Buffer Over-Read in ComplexImages
In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.
CVSS 8.8
CVE-2019-13311 WRITEUP MEDIUM
ImageMagick 7.0.8-50 Q16 - Use-After-Free in wand/mogrify.c
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.
CVSS 6.5
CVE-2019-13310 WRITEUP MEDIUM
ImageMagick 7.0.8-50 - Use-After-Free in MagickWand/mogrify.c
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.
CVSS 6.5
CVE-2019-13309 WRITEUP MEDIUM
ImageMagick 7.0.8-50 Q16 - Use-After-Free in CLIListOperatorImages
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.
CVSS 6.5
CVE-2019-13308 WRITEUP HIGH
ImageMagick 7.0.8-50 Q16 - Heap-Based Buffer Overflow in ComplexImage
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.
CVSS 8.8
CVE-2019-13307 WRITEUP HIGH
ImageMagick 7.0.8-50 - Heap-Based Buffer Overflow in EvaluateImages
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.
CVSS 7.8
CVE-2019-13306 WRITEUP HIGH
ImageMagick 7.0.8-50 - Stack-based Buffer Overflow in WritePNMImage
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.
CVSS 7.8
CVE-2019-13305 WRITEUP HIGH
ImageMagick 7.0.8-50 Q16 - Stack-based Buffer Overflow in WritePNMImage
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.
CVSS 7.8
CVE-2019-13304 WRITEUP HIGH
ImageMagick 7.0.8-50 Q16 - Stack-based Buffer Overflow in WritePNMImage
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.
CVSS 7.8
CVE-2019-13303 WRITEUP HIGH
ImageMagick 7.0.8-50 Q16 - Heap-Based Buffer Over-Read in CompositeImage
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/composite.c in CompositeImage.
CVSS 8.8
CVE-2019-13302 WRITEUP HIGH
ImageMagick 7.0.8-50 Q16 - Heap-Based Buffer Over-Read in ComplexImages
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/fourier.c in ComplexImages.
CVSS 8.8
CVE-2019-13301 WRITEUP MEDIUM
ImageMagick 7.0.8-50 Q16 - Use-After-Free in AnnotateImage
ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.
CVSS 6.5
CVE-2019-13301 WRITEUP MEDIUM
ImageMagick 7.0.8-50 Q16 - Use-After-Free in AnnotateImage
ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.
CVSS 6.5
CVE-2019-13300 WRITEUP HIGH
ImageMagick 7.0.8-50 Q16 - Heap-Based Buffer Overflow in EvaluateImages
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.
CVSS 8.8
CVE-2019-13299 WRITEUP HIGH
ImageMagick 7.0.8-50 Q16 - Heap-Based Buffer Over-Read in GetPixelChannel
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel.
CVSS 8.8
CVE-2019-13298 WRITEUP HIGH
ImageMagick 7.0.8-50 - Heap-Based Buffer Overflow in SetPixelViaPixelInfo
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error.
CVSS 8.8