Imagemagick CVEs and Security Vulnerabilities

Filtered by vendor Imagemagick Subscriptions

Filtered by product Imagemagick Subscriptions

Search

Switch to Advanced Search (Beta)

Total 659 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2017-11352	3 Canonical, Debian, Imagemagick	3 Ubuntu Linux, Debian Linux, Imagemagick	2025-04-20	6.5 Medium
In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144.
CVE-2015-8901	1 Imagemagick	1 Imagemagick	2025-04-20	6.5 Medium
ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.
CVE-2015-8894	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file.
CVE-2015-8896	3 Imagemagick, Oracle, Redhat	9 Imagemagick, Linux, Enterprise Linux and 6 more	2025-04-20	6.5 Medium
Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file.
CVE-2015-8897	2 Imagemagick, Redhat	2 Imagemagick, Enterprise Linux	2025-04-20	N/A
The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (application crash) via a crafted png file.
CVE-2015-8900	1 Imagemagick	1 Imagemagick	2025-04-20	5.5 Medium
The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file.
CVE-2015-8903	1 Imagemagick	1 Imagemagick	2025-04-20	6.5 Medium
The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.
CVE-2017-8345	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-5, the ReadMNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2015-8957	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.
CVE-2015-8958	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.
CVE-2015-8959	1 Imagemagick	1 Imagemagick	2025-04-20	6.5 Medium
coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.
CVE-2016-10047	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMagick before 6.9.4-7 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML file.
CVE-2016-10046	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
CVE-2016-10048	2 Imagemagick, Opensuse Project	2 Imagemagick, Leap	2025-04-20	N/A
Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors.
CVE-2016-10050	2 Imagemagick, Opensuse	2 Imagemagick, Leap	2025-04-20	7.8 High
Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
CVE-2016-10051	2 Imagemagick, Opensuse	2 Imagemagick, Leap	2025-04-20	7.8 High
Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10065	2 Imagemagick, Opensuse	2 Imagemagick, Leap	2025-04-20	N/A
The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10066	1 Imagemagick	1 Imagemagick	2025-04-20	5.5 Medium
Buffer overflow in the ReadVIFFImage function in coders/viff.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVE-2016-10144	1 Imagemagick	1 Imagemagick	2025-04-20	9.8 Critical
coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.
CVE-2017-17885	2 Canonical, Imagemagick	2 Ubuntu Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file.

« first previous Page 11 of 33. next last »