Exploit Database

145,549 exploits tracked across all sources.

Sort: Activity Stars
CVE-2017-14684 WRITEUP MEDIUM
ImageMagick 7.0.7-4 - Denial of Service via Memory Leak in ReadVIPSImage
In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows attackers to cause a denial of service (memory consumption in ResizeMagickMemory in MagickCore/memory.c) via a crafted file.
CVSS 6.5
CVE-2017-14626 WRITEUP CRITICAL
ImageMagick 7.0.7-0 - Memory Corruption
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.
CVSS 9.8
CVE-2017-14626 WRITEUP CRITICAL
ImageMagick 7.0.7-0 - Memory Corruption
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.
CVSS 9.8
CVE-2017-14625 WRITEUP CRITICAL
ImageMagick 7.0.7-0 - Memory Corruption
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c.
CVSS 9.8
CVE-2017-14624 WRITEUP CRITICAL
ImageMagick 7.0.7-0 - Buffer Overflow
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.
CVSS 9.8
CVE-2017-14607 WRITEUP HIGH
ImageMagick 7.0.7-4 - Info Disclosure
In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.
CVSS 8.1
CVE-2017-14533 WRITEUP MEDIUM
ImageMagick 7.0.6-6 - Memory Corruption
ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c.
CVSS 6.5
CVE-2017-14532 WRITEUP CRITICAL
ImageMagick 7.0.7-0 - Buffer Overflow
ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c.
CVSS 9.8
CVE-2017-14531 WRITEUP MEDIUM
ImageMagick 7.0.7-0 - Memory Corruption
ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c.
CVSS 6.5
CVE-2017-14505 WRITEUP MEDIUM
ImageMagick 7.0.7-1 - Denial of Service via NULL Pointer Dereference in DrawGetStrokeDashArray
DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input.
CVSS 6.5
CVE-2017-14400 WRITEUP MEDIUM
ImageMagick 7.0.7-1 - Denial of Service via Crafted File
In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote attackers to cause a denial of service (NULL pointer dereference in the function GetVirtualPixels in MagickCore/cache.c) via a crafted file.
CVSS 6.5
CVE-2017-14343 WRITEUP MEDIUM
ImageMagick 7.0.6-6 - Memory Corruption
ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file.
CVSS 6.5
CVE-2017-14342 WRITEUP MEDIUM
ImageMagick 7.0.6-6 - Memory Corruption
ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file.
CVSS 6.5
CVE-2017-14341 WRITEUP MEDIUM
ImageMagick 7.0.6-6 - Uncontrolled Resource Consumption via Crafted WPG Image
ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file.
CVSS 6.5
CVE-2017-14326 WRITEUP MEDIUM
ImageMagick 7.0.7-1 Q16 - Denial of Service via Memory Leak in ReadMATImage
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.
CVSS 6.5
CVE-2017-14325 WRITEUP MEDIUM
ImageMagick 7.0.7-1 - Denial of Service via Memory Leak in PersistPixelCache
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file.
CVSS 6.5
CVE-2017-14324 WRITEUP MEDIUM
ImageMagick 7.0.7-1 - Denial of Service via Memory Leak in ReadMPCImage
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service via a crafted file.
CVSS 6.5
CVE-2017-14249 WRITEUP MEDIUM
ImageMagick 7.0.6-8 - Denial of Service via Crafted MPC File
ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in MagickCore/cache.c, allowing remote attackers to cause a denial of service via a crafted file.
CVSS 6.5
CVE-2017-14248 WRITEUP MEDIUM
ImageMagick <7.0.6-8 - Buffer Overflow
A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file.
CVSS 6.5
CVE-2017-14224 WRITEUP HIGH
ImageMagick 7.0.6-8 - Buffer Overflow
A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service or code execution via a crafted file.
CVSS 8.8
CVE-2017-14175 WRITEUP MEDIUM
ImageMagick 7.0.6-1 Q16 - Denial of Service via Crafted XBM File
In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop.
CVSS 6.5
CVE-2017-14174 WRITEUP MEDIUM
ImageMagick 7.0.7-0 Q16 - Denial of Service via Crafted PSD File
In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.
CVSS 6.5
CVE-2017-14173 WRITEUP MEDIUM
ImageMagick 7.0.6-10 - Buffer Overflow
In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation "GetQuantumRange(depth)+1" when "depth" is large, producing a smaller value than expected. As a result, an infinite loop would occur for a crafted TXT file that claims a very large "max_value" value.
CVSS 6.5
CVE-2017-14172 WRITEUP MEDIUM
ImageMagick 7.0.7-0 Q16 - Denial of Service via Crafted PSD File
In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.
CVSS 6.5
CVE-2017-14139 WRITEUP MEDIUM
ImageMagick 7.0.6-2 - Memory Corruption
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in coders/msl.c.
CVSS 6.5