ImageMagick: Security Vulnerabilities
In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows attackers to cause a denial of service (memory consumption in ResizeMagickMemory in MagickCore/memory.c) via a crafted file.
CVSS Score
6.5
EPSS Score
0.002
Published
2017-09-22
GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928.
CVSS Score
8.8
EPSS Score
0.005
Published
2017-09-21
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.
CVSS Score
9.8
EPSS Score
0.011
Published
2017-09-21
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.
CVSS Score
9.8
EPSS Score
0.015
Published
2017-09-21
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c.
CVSS Score
9.8
EPSS Score
0.015
Published
2017-09-21
In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.
CVSS Score
8.1
EPSS Score
0.017
Published
2017-09-20
ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c.
CVSS Score
6.5
EPSS Score
0.007
Published
2017-09-18
ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c.
CVSS Score
9.8
EPSS Score
0.015
Published
2017-09-18
ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c.
CVSS Score
6.5
EPSS Score
0.005
Published
2017-09-18
The TIFFSetProfiles function in coders/tiff.c in ImageMagick 7.0.6 has incorrect expectations about whether LibTIFF TIFFGetField return values imply that data validation has occurred, which allows remote attackers to cause a denial of service (use-after-free after an invalid call to TIFFSetField, and application crash) via a crafted file.
CVSS Score
6.5
EPSS Score
0.008
Published
2017-09-18

Shodan ® - All rights reserved