Writeup Exploits

62,792 exploits tracked across all sources.

Sort: Activity Stars
CVE-2018-7470 WRITEUP MEDIUM
ImageMagick 7.0.7-22 Q16 - Denial of Service in IsWEBPImageLossless Function
An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial of service (segmentation violation) via a crafted file.
CVSS 6.5
CVE-2018-7443 WRITEUP MEDIUM
ImageMagick 7.0.7-23 Q16 - Denial of Service via TIFF Image Data Validation
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c).
CVSS 6.5
CVE-2018-6930 WRITEUP MEDIUM
ImageMagick 7.0.7-22 - Denial of Service via Stack-Based Buffer Over-Read in ComputeResizeImage
A stack-based buffer over-read in the ComputeResizeImage function in the MagickCore/accelerate.c file of ImageMagick 7.0.7-22 allows a remote attacker to cause a denial of service (application crash) via a maliciously crafted pict file.
CVSS 6.5
CVE-2018-6876 WRITEUP MEDIUM
ImageMagick - Denial of Service via Crafted BMP Image
The OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote attackers to cause a denial of service (stack-based buffer under-read) via a crafted bmp image.
CVSS 6.5
CVE-2018-6405 WRITEUP MEDIUM
ImageMagick < 6.9.9-35 - Memory Leak in ReadDCMImage Function
In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service.
CVSS 6.5
CVE-2018-5358 WRITEUP MEDIUM
ImageMagick 7.0.7-22 - Memory Corruption
ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c.
CVSS 6.5
CVE-2018-5357 WRITEUP MEDIUM
ImageMagick 7.0.7-22 - Memory Corruption
ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c.
CVSS 6.5
CVE-2018-5248 WRITEUP HIGH
ImageMagick 7.0.7-17 - Buffer Overflow
In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function.
CVSS 8.8
CVE-2018-5247 WRITEUP MEDIUM
ImageMagick 7.0.7-17 - Memory Corruption
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.
CVSS 6.5
CVE-2018-5246 WRITEUP MEDIUM
ImageMagick 7.0.7-17 - Memory Corruption
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.
CVSS 6.5
CVE-2018-20467 WRITEUP MEDIUM
ImageMagick < 6.9.10-16 - Denial of Service via Infinite Loop in BMP Coder
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.
CVSS 6.5
CVE-2018-18544 WRITEUP MEDIUM
GraphicsMagick < 1.3.31 - Memory Leak in MSL Script Processing
There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31.
CVSS 6.5
CVE-2018-18025 WRITEUP MEDIUM
ImageMagick 7.0.8-13 - Denial of Service via Crafted SVG Image File
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file.
CVSS 6.5
CVE-2018-18024 WRITEUP MEDIUM
ImageMagick 7.0.8-13 - Denial of Service via Crafted BMP File
In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.
CVSS 6.5
CVE-2018-18023 WRITEUP MEDIUM
ImageMagick 7.0.8-13 Q16 - Denial of Service via SVG Image File Processing
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file.
CVSS 6.5
CVE-2018-18016 WRITEUP MEDIUM
ImageMagick 7.0.7-28 - Memory Leak in WritePCXImage
ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.
CVSS 6.5
CVE-2018-17967 WRITEUP MEDIUM
ImageMagick 7.0.7-28 - Memory Leak in ReadBGRImage
ImageMagick 7.0.7-28 has a memory leak vulnerability in ReadBGRImage in coders/bgr.c.
CVSS 6.5
CVE-2018-17966 WRITEUP MEDIUM
ImageMagick 7.0.7-28 - Memory Leak in WritePDBImage
ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c.
CVSS 6.5
CVE-2018-17965 WRITEUP MEDIUM
ImageMagick 7.0.7-28 - Memory Leak in WriteSGIImage
ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c.
CVSS 6.5
CVE-2018-16750 WRITEUP MEDIUM
ImageMagick <7.0.7-29 - Memory Corruption
In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found.
CVSS 6.5
CVE-2018-16749 WRITEUP MEDIUM
ImageMagick < 6.9.9-42 - Denial of Service via Crafted JNG File
In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file.
CVSS 6.5
CVE-2018-16645 WRITEUP MEDIUM
ImageMagick <7.0.8-11 - Memory Corruption
There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image file.
CVSS 6.5
CVE-2018-16644 WRITEUP MEDIUM
ImageMagick 7.0.8-11 - Denial of Service via Crafted Image in DCM and PICT Coders
There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.
CVSS 6.5
CVE-2018-16643 WRITEUP MEDIUM
ImageMagick 7.0.8-4 - Denial of Service via Unchecked fputc Return Value
The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file.
CVSS 6.5
CVE-2018-16642 WRITEUP MEDIUM
ImageMagick - Denial of Service via Out-of-bounds Write in InsertRow Function
The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write.
CVSS 6.5