Vulnerabilities (CVE)

Filtered by vendor Imagemagick Subscribe
Filtered by product Imagemagick
Total 645 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-7101 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file.
CVE-2014-9842 4 Canonical, Imagemagick, Opensuse and 1 more 9 Ubuntu Linux, Imagemagick, Opensuse and 6 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
CVE-2014-9846 5 Canonical, Imagemagick, Opensuse and 2 more 11 Ubuntu Linux, Imagemagick, Leap and 8 more 2024-02-28 7.5 HIGH 9.8 CRITICAL
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.
CVE-2016-10068 3 Imagemagick, Opensuse, Opensuse Project 3 Imagemagick, Leap, Leap 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file.
CVE-2017-8344 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2016-10046 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
CVE-2017-6502 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS).
CVE-2015-8957 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.
CVE-2016-10057 1 Imagemagick 1 Imagemagick 2024-02-28 6.8 MEDIUM 7.8 HIGH
Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2015-8897 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (application crash) via a crafted png file.
CVE-2016-6491 2 Imagemagick, Oracle 2 Imagemagick, Solaris 2024-02-28 6.8 MEDIUM 8.8 HIGH
Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image.
CVE-2014-9915 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM profile.
CVE-2015-8894 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file.
CVE-2016-10062 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVE-2016-10252 1 Imagemagick 1 Imagemagick 2024-02-28 7.8 HIGH 7.5 HIGH
Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick before 6.9.2-2, as used in ODR-PadEnc and other products, allows attackers to trigger memory consumption.
CVE-2016-9559 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.
CVE-2016-5842 2 Imagemagick, Oracle 2 Imagemagick, Solaris 2024-02-28 5.0 MEDIUM 7.5 HIGH
MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.
CVE-2016-5010 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file.
CVE-2014-8716 1 Imagemagick 1 Imagemagick 2024-02-28 2.1 LOW 6.2 MEDIUM
The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).
CVE-2016-9298 1 Imagemagick 1 Imagemagick 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted image.