| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-3714 | 10.0 |
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "I
|
11-09-2024 - 11:11 | 05-05-2016 - 18:59 | |
| CVE-2016-3715 | 5.8 |
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
|
24-07-2024 - 17:06 | 05-05-2016 - 18:59 | |
| CVE-2016-5118 | 10.0 |
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
|
01-08-2023 - 18:21 | 10-06-2016 - 15:59 | |
| CVE-2016-7800 | 5.0 |
Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.
|
12-04-2019 - 19:46 | 06-02-2017 - 17:59 | |
| CVE-2016-8684 | 6.8 |
The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
|
30-10-2018 - 16:27 | 15-02-2017 - 19:59 | |
| CVE-2016-8683 | 6.8 |
The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
|
30-10-2018 - 16:27 | 15-02-2017 - 19:59 | |
| CVE-2016-8682 | 5.0 |
The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header.
|
30-10-2018 - 16:27 | 15-02-2017 - 19:59 | |
| CVE-2016-9830 | 4.3 |
The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image.
|
30-10-2018 - 16:27 | 01-03-2017 - 20:59 | |
| CVE-2016-2318 | 4.3 |
GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath
|
30-10-2018 - 16:27 | 03-02-2017 - 15:59 | |
| CVE-2016-2317 | 4.3 |
Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTr
|
30-10-2018 - 16:27 | 03-02-2017 - 15:59 | |
| CVE-2016-5240 | 4.3 |
The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file.
|
18-05-2018 - 01:29 | 27-02-2017 - 22:59 | |
| CVE-2016-7996 | 7.5 |
Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.
|
04-11-2017 - 01:29 | 18-01-2017 - 17:59 | |
| CVE-2015-8808 | 4.3 |
The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file.
|
04-11-2017 - 01:29 | 13-07-2016 - 15:59 | |
| CVE-2016-7997 | 5.0 |
The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.
|
04-11-2017 - 01:29 | 18-01-2017 - 17:59 |