Vulnerabilities (CVE)

Filtered by vendor Imagemagick Subscribe
Filtered by product Imagemagick
Total 645 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-8357 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, the ReadEPTImage function in ept.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9141 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c.
CVE-2016-5841 2 Imagemagick, Oracle 2 Imagemagick, Solaris 2024-02-28 7.5 HIGH 9.8 CRITICAL
Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable.
CVE-2016-5690 2 Imagemagick, Oracle 2 Imagemagick, Solaris 2024-02-28 7.5 HIGH 9.8 CRITICAL
The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.
CVE-2014-9851 4 Canonical, Imagemagick, Opensuse and 1 more 9 Ubuntu Linux, Imagemagick, Opensuse and 6 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).
CVE-2017-8355 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-8352 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, the ReadXWDImage function in xwd.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2014-9836 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file.
CVE-2016-10063 1 Imagemagick 1 Imagemagick 2024-02-28 6.8 MEDIUM 7.8 HIGH
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file, related to extend validity.
CVE-2016-10048 2 Imagemagick, Opensuse Project 2 Imagemagick, Leap 2024-02-28 5.0 MEDIUM 7.5 HIGH
Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors.
CVE-2017-5508 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.
CVE-2016-8677 3 Debian, Imagemagick, Opensuse 3 Debian Linux, Imagemagick, Opensuse 2024-02-28 6.8 MEDIUM 8.8 HIGH
The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure.
CVE-2016-10059 1 Imagemagick 1 Imagemagick 2024-02-28 6.8 MEDIUM 7.8 HIGH
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file.
CVE-2014-8562 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
CVE-2014-9844 5 Canonical, Imagemagick, Opensuse and 2 more 10 Ubuntu Linux, Imagemagick, Opensuse and 7 more 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
CVE-2017-5506 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2024-02-28 6.8 MEDIUM 7.8 HIGH
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
CVE-2017-9142 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c.
CVE-2016-10051 2 Imagemagick, Opensuse 2 Imagemagick, Leap 2024-02-28 6.8 MEDIUM 7.8 HIGH
Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2014-9837 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.
CVE-2014-9849 4 Canonical, Imagemagick, Opensuse and 1 more 9 Ubuntu Linux, Imagemagick, Opensuse and 6 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).