| Max CVSS | 7.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-7447 | 7.5 |
Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors.
|
15-04-2019 - 14:03 | 06-02-2017 - 17:59 | |
| CVE-2016-7446 | 7.5 |
Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317.
|
15-04-2019 - 14:01 | 06-02-2017 - 17:59 | |
| CVE-2016-7449 | 5.0 |
The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.
|
12-04-2019 - 19:47 | 06-02-2017 - 17:59 | |
| CVE-2016-7448 | 7.8 |
The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size.
|
12-04-2019 - 19:44 | 06-02-2017 - 17:59 | |
| CVE-2016-2318 | 4.3 |
GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath
|
30-10-2018 - 16:27 | 03-02-2017 - 15:59 | |
| CVE-2016-2317 | 4.3 |
Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTr
|
30-10-2018 - 16:27 | 03-02-2017 - 15:59 |