Vulnerabilities (CVE)

Filtered by vendor Imagemagick Subscribe
Total 646 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-41817 1 Imagemagick 1 Imagemagick 2024-10-10 N/A 7.8 HIGH
ImageMagick is a free and open-source software suite, used for editing and manipulating digital images. The `AppImage` version `ImageMagick` might use an empty path when setting `MAGICK_CONFIGURE_PATH` and `LD_LIBRARY_PATH` environment variables while executing, which might lead to arbitrary code execution by loading malicious configuration files or shared libraries in the current working directory while executing `ImageMagick`. The vulnerability is fixed in 7.11-36.
CVE-2016-3714 5 Canonical, Debian, Imagemagick and 2 more 6 Ubuntu Linux, Debian Linux, Imagemagick and 3 more 2024-09-11 10.0 HIGH 8.4 HIGH
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "ImageTragick."
CVE-2016-3715 6 Canonical, Imagemagick, Opensuse and 3 more 30 Ubuntu Linux, Imagemagick, Leap and 27 more 2024-07-24 5.8 MEDIUM 5.5 MEDIUM
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
CVE-2016-3718 6 Canonical, Imagemagick, Opensuse and 3 more 30 Ubuntu Linux, Imagemagick, Leap and 27 more 2024-07-24 4.3 MEDIUM 5.5 MEDIUM
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
CVE-2016-7537 1 Imagemagick 1 Imagemagick 2024-07-10 4.3 MEDIUM 6.5 MEDIUM
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.
CVE-2016-7536 1 Imagemagick 1 Imagemagick 2024-07-10 4.3 MEDIUM 6.5 MEDIUM
magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted profile.
CVE-2016-7535 1 Imagemagick 1 Imagemagick 2024-07-10 4.3 MEDIUM 6.5 MEDIUM
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file.
CVE-2016-7534 1 Imagemagick 1 Imagemagick 2024-07-10 4.3 MEDIUM 6.5 MEDIUM
The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file.
CVE-2016-7518 1 Imagemagick 1 Imagemagick 2024-07-03 4.3 MEDIUM 6.5 MEDIUM
The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file.
CVE-2016-7516 1 Imagemagick 1 Imagemagick 2024-07-03 4.3 MEDIUM 6.5 MEDIUM
The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file.
CVE-2016-7519 1 Imagemagick 1 Imagemagick 2024-07-03 4.3 MEDIUM 6.5 MEDIUM
The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVE-2016-7533 1 Imagemagick 1 Imagemagick 2024-07-03 4.3 MEDIUM 6.5 MEDIUM
The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG file.
CVE-2016-7530 1 Imagemagick 1 Imagemagick 2024-07-03 4.3 MEDIUM 6.5 MEDIUM
The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file.
CVE-2016-7529 1 Imagemagick 1 Imagemagick 2024-07-03 4.3 MEDIUM 6.5 MEDIUM
coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file.
CVE-2016-7528 1 Imagemagick 1 Imagemagick 2024-07-03 4.3 MEDIUM 6.5 MEDIUM
The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file.
CVE-2016-7527 1 Imagemagick 1 Imagemagick 2024-07-03 4.3 MEDIUM 6.5 MEDIUM
coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVE-2016-7526 1 Imagemagick 1 Imagemagick 2024-07-03 4.3 MEDIUM 6.5 MEDIUM
coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
CVE-2016-7525 1 Imagemagick 1 Imagemagick 2024-07-03 4.3 MEDIUM 6.5 MEDIUM
Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
CVE-2016-7524 1 Imagemagick 1 Imagemagick 2024-07-03 4.3 MEDIUM 6.5 MEDIUM
coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVE-2016-7523 1 Imagemagick 1 Imagemagick 2024-07-03 4.3 MEDIUM 6.5 MEDIUM
coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.