Filtered by vendor Imagemagick
Subscriptions
Total
662 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-55004 | 1 Imagemagick | 1 Imagemagick | 2025-08-15 | 7.6 High |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when performing image magnification in ReadOneMNGIMage. This can likely be used to leak subsequent memory contents into the output image. This issue has been patched in version 7.1.2-1. | ||||
| CVE-2025-55160 | 1 Imagemagick | 1 Imagemagick | 2025-08-15 | 6.1 Medium |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), with no crash in a non-sanitized build. This issue has been patched in versions 6.9.13-27 and 7.1.2-1. | ||||
| CVE-2019-13454 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2025-07-11 | 6.5 Medium |
| ImageMagick 7.0.1-0 to 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c. | ||||
| CVE-2022-28463 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2025-06-25 | 7.8 High |
| ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. | ||||
| CVE-2025-43965 | 1 Imagemagick | 1 Imagemagick | 2025-06-23 | 2.9 Low |
| In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used. | ||||
| CVE-2025-46393 | 1 Imagemagick | 1 Imagemagick | 2025-06-23 | 2.9 Low |
| In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packet_size is mishandled (related to the rendering of all channels in an arbitrary order). | ||||
| CVE-2017-9098 | 3 Debian, Graphicsmagick, Imagemagick | 3 Debian Linux, Graphicsmagick, Imagemagick | 2025-04-20 | 7.5 High |
| ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c. | ||||
| CVE-2017-11448 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.5 Medium |
| The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file. | ||||
| CVE-2017-8830 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file. | ||||
| CVE-2017-13058 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file. | ||||
| CVE-2017-9405 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file. | ||||
| CVE-2016-9559 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2025-04-20 | 6.5 Medium |
| coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image. | ||||
| CVE-2017-11449 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 8.8 High |
| coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin. | ||||
| CVE-2017-13769 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2025-04-20 | 6.5 Medium |
| The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file. | ||||
| CVE-2017-12434 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service (assertion failure) in DestroyImageInfo in image.c. | ||||
| CVE-2017-11352 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2025-04-20 | 6.5 Medium |
| In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144. | ||||
| CVE-2016-7522 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.5 Medium |
| The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file. | ||||
| CVE-2016-7533 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.5 Medium |
| The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG file. | ||||
| CVE-2017-11360 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a large loop vulnerability via a crafted rle file that triggers a huge number_pixels value. | ||||
| CVE-2017-11450 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2025-04-20 | 8.8 High |
| coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short. | ||||