CVE search results

101 – 110 of 138 results

Detailed view

Sort by:

CVE-2016-7446

Medium priority

Some fixes available 2 of 3

Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317.

1 affected packages

graphicsmagick

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
graphicsmagick	—	—	—	Not affected	Fixed

CVE-2016-5241

Medium priority

Some fixes available 2 of 7

magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.

1 affected packages

graphicsmagick

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
graphicsmagick	—	—	—	Not affected	Fixed

CVE-2016-2318

Low priority

Some fixes available 2 of 7

GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c,...

1 affected packages

graphicsmagick

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
graphicsmagick	—	—	—	Not affected	Fixed

CVE-2016-2317

Medium priority

Some fixes available 2 of 7

Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function...

1 affected packages

graphicsmagick

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
graphicsmagick	—	—	—	Not affected	Fixed

CVE-2016-7997

Low priority

Some fixes available 2 of 6

The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.

1 affected packages

graphicsmagick

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
graphicsmagick	—	—	—	Not affected	Fixed

CVE-2016-7996

Medium priority

Some fixes available 2 of 3

Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.

1 affected packages

graphicsmagick

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
graphicsmagick	—	—	—	Not affected	Fixed

CVE-2015-8808

Low priority

Some fixes available 1 of 6

The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file.

1 affected packages

graphicsmagick

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
graphicsmagick	—	—	—	Not affected	Not affected

CVE-2016-5118

Medium priority

Some fixes available 11 of 16

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.

2 affected packages

graphicsmagick, imagemagick

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
graphicsmagick	—	—	—	Not affected	Fixed
imagemagick	—	—	—	Fixed	Fixed

CVE-2016-3718

Medium priority

Some fixes available 11 of 16

The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.

2 affected packages

graphicsmagick, imagemagick

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
graphicsmagick	—	—	—	Not affected	Fixed
imagemagick	—	—	—	Fixed	Fixed

CVE-2016-3717

Medium priority

Some fixes available 11 of 16

The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.

2 affected packages

graphicsmagick, imagemagick

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
graphicsmagick	—	—	—	Not affected	Fixed
imagemagick	—	—	—	Fixed	Fixed

Export to JSON

Results by page:

Search CVE reports