Graphicsmagick

Graphicsmagick

121 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2016-7449

  • EPSS 3.28%
  • Published 06.02.2017 17:59:00
  • Last modified 20.04.2025 01:37:25

The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.

7.5

CVE-2016-7800

  • EPSS 2.19%
  • Published 06.02.2017 17:59:00
  • Last modified 20.04.2025 01:37:25

Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.

5.5

CVE-2016-2317

  • EPSS 0.38%
  • Published 03.02.2017 15:59:00
  • Last modified 20.04.2025 01:37:25

Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTr...

5.5

CVE-2016-2318

  • EPSS 0.24%
  • Published 03.02.2017 15:59:00
  • Last modified 20.04.2025 01:37:25

GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath...

5.5

CVE-2016-5241

  • EPSS 0.35%
  • Published 03.02.2017 15:59:00
  • Last modified 20.04.2025 01:37:25

magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.

7.5

CVE-2016-7997

  • EPSS 1.15%
  • Published 18.01.2017 17:59:01
  • Last modified 20.04.2025 01:37:25

The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.

9.8

CVE-2016-7996

  • EPSS 1.16%
  • Published 18.01.2017 17:59:00
  • Last modified 20.04.2025 01:37:25

Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.

5.5

CVE-2015-8808

  • EPSS 0.29%
  • Published 13.07.2016 15:59:00
  • Last modified 12.04.2025 10:46:40

The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file.

10

CVE-2016-5118

  • EPSS 35.42%
  • Published 10.06.2016 15:59:06
  • Last modified 12.04.2025 10:46:40

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.

4.3

CVE-2013-4589

Exploit
  • EPSS 2.35%
  • Published 23.11.2013 11:55:04
  • Last modified 11.04.2025 00:51:21

The ExportAlphaQuantumType function in export.c in GraphicsMagick before 1.3.18 might allow remote attackers to cause a denial of service (crash) via vectors related to exporting the alpha of an 8-bit RGBA image.