Shodan
Vulnerabilities
Vulnerable Software
Imagemagick:  >> Imagemagick  Security Vulnerabilities
CVE-2019-12976
ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-06-26
CVE-2019-12977
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-06-26
CVE-2019-12978
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-06-26
CVE-2019-12979
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-06-26
CVE-2017-12805
In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service.
CVSS Score
7.5
EPSS Score
0.002
Published
2019-05-09
CVE-2017-12806
In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service.
CVSS Score
7.5
EPSS Score
0.002
Published
2019-05-09
CVE-2019-10131
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-04-30
CVE-2019-11597
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.
CVSS Score
8.1
EPSS Score
0.002
Published
2019-04-29
CVE-2019-11598
In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.
CVSS Score
8.1
EPSS Score
0.002
Published
2019-04-29
CVE-2019-11470
The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.
CVSS Score
6.5
EPSS Score
0.008
Published
2019-04-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved