NuGet package
magick.net-q16-openmp-x86
pkg:nuget/magick.net-q16-openmp-x86
Vulnerabilities (57)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-25898 | — | < 14.10.3 | 14.10.3 | Feb 24, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the UIL and XPM image encoder do not validate the pixel index value returned by `GetPixelIndex()` before using it as an array subscript. In HDR | ||
| CVE-2026-25897 | — | < 14.10.3 | 14.10.3 | Feb 24, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, an Integer Overflow vulnerability exists in the sun decoder. On 32-bit systems/builds, a carefully crafted image can lead to an out of bounds h | ||
| CVE-2026-25799 | — | < 14.10.3 | 14.10.3 | Feb 24, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a logic error in YUV sampling factor validation allows an invalid sampling factor to bypass checks and trigger a division-by-zero during image | ||
| CVE-2026-25798 | — | < 14.10.3 | 14.10.3 | Feb 24, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a NULL pointer dereference in ClonePixelCacheRepository allows a remote attacker to crash any application linked against ImageMagick by supplyi | ||
| CVE-2026-25797 | — | < 14.10.3 | 14.10.3 | Feb 24, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker | ||
| CVE-2026-25796 | — | < 14.10.3 | 14.10.3 | Feb 24, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, in `ReadSTEGANOImage()` (`coders/stegano.c`), the `watermark` Image object is not freed on three early-return paths, resulting in a definite me | ||
| CVE-2026-25795 | — | < 14.10.3 | 14.10.3 | Feb 24, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, in `ReadSFWImage()` (`coders/sfw.c`), when temporary file creation fails, `read_info` is destroyed before its `filename` member is accessed, ca | ||
| CVE-2026-25794 | — | < 14.10.3 | 14.10.3 | Feb 24, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. `WriteUHDRImage` in `coders/uhdr.c` uses `int` arithmetic to compute the pixel buffer size. Prior to version 7.1.2-15, when image dimensions are large, the multiplication overflows 32-b | ||
| CVE-2026-25638 | — | < 14.10.3 | 14.10.3 | Feb 24, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, memory leak exists in `coders/msl.c`. In the `WriteMSLImage` function of the `msl.c` file, resources are allocated. But the function returns ea | ||
| CVE-2026-25637 | — | < 14.10.3 | 14.10.3 | Feb 24, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak in the ASHLAR image writer allows an attacker to exhaust process memory by providing a crafted image that results in small objects that are allo | ||
| CVE-2026-25576 | — | < 14.10.3 | 14.10.3 | Feb 24, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in multiple raw image format handles. The vulnerability occurs when processing images with -extrac | ||
| CVE-2026-24485 | — | < 14.10.3 | 14.10.3 | Feb 24, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, when a PCD file does not contain a valid Sync marker, the DecodeImage() function becomes trapped in an infinite loop while searching for the Sy | ||
| CVE-2026-24484 | — | < 14.10.3 | 14.10.3 | Feb 24, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails to check for multi-layer nested mvg conversions to svg, leading to DoS. Versions 7.1.2-15 and 6.9.13-40 contain a patch. | ||
| CVE-2026-23952 | — | < 14.10.2 | 14.10.2 | Jan 22, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Versions 14.10.1 and below have a NULL pointer dereference vulnerability in the MSL (Magick Scripting Language) parser when processing tags before images are loaded. This can | ||
| CVE-2026-22770 | — | < 14.10.2 | 14.10.2 | Jan 20, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. The BilateralBlurImage method will allocate a set of double buffers inside AcquireBilateralTLS. But, in versions prior to 7.1.2-13, the last element in the set is not properly initializ | ||
| CVE-2025-53015 | — | < 14.7.0 | 14.7.0 | Jul 14, 2025 | ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0, infinite lines occur when writing during a specific XMP file conversion command. Version 7.1.2-0 fixes the issue. | ||
| CVE-2023-1289 | — | < 13.0.0 | 13.0.0 | Mar 23, 2023 | A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," result |
- CVE-2026-25898Feb 24, 2026affected < 14.10.3fixed 14.10.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the UIL and XPM image encoder do not validate the pixel index value returned by `GetPixelIndex()` before using it as an array subscript. In HDR
- CVE-2026-25897Feb 24, 2026affected < 14.10.3fixed 14.10.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, an Integer Overflow vulnerability exists in the sun decoder. On 32-bit systems/builds, a carefully crafted image can lead to an out of bounds h
- CVE-2026-25799Feb 24, 2026affected < 14.10.3fixed 14.10.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a logic error in YUV sampling factor validation allows an invalid sampling factor to bypass checks and trigger a division-by-zero during image
- CVE-2026-25798Feb 24, 2026affected < 14.10.3fixed 14.10.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a NULL pointer dereference in ClonePixelCacheRepository allows a remote attacker to crash any application linked against ImageMagick by supplyi
- CVE-2026-25797Feb 24, 2026affected < 14.10.3fixed 14.10.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker
- CVE-2026-25796Feb 24, 2026affected < 14.10.3fixed 14.10.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, in `ReadSTEGANOImage()` (`coders/stegano.c`), the `watermark` Image object is not freed on three early-return paths, resulting in a definite me
- CVE-2026-25795Feb 24, 2026affected < 14.10.3fixed 14.10.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, in `ReadSFWImage()` (`coders/sfw.c`), when temporary file creation fails, `read_info` is destroyed before its `filename` member is accessed, ca
- CVE-2026-25794Feb 24, 2026affected < 14.10.3fixed 14.10.3
ImageMagick is free and open-source software used for editing and manipulating digital images. `WriteUHDRImage` in `coders/uhdr.c` uses `int` arithmetic to compute the pixel buffer size. Prior to version 7.1.2-15, when image dimensions are large, the multiplication overflows 32-b
- CVE-2026-25638Feb 24, 2026affected < 14.10.3fixed 14.10.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, memory leak exists in `coders/msl.c`. In the `WriteMSLImage` function of the `msl.c` file, resources are allocated. But the function returns ea
- CVE-2026-25637Feb 24, 2026affected < 14.10.3fixed 14.10.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak in the ASHLAR image writer allows an attacker to exhaust process memory by providing a crafted image that results in small objects that are allo
- CVE-2026-25576Feb 24, 2026affected < 14.10.3fixed 14.10.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in multiple raw image format handles. The vulnerability occurs when processing images with -extrac
- CVE-2026-24485Feb 24, 2026affected < 14.10.3fixed 14.10.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, when a PCD file does not contain a valid Sync marker, the DecodeImage() function becomes trapped in an infinite loop while searching for the Sy
- CVE-2026-24484Feb 24, 2026affected < 14.10.3fixed 14.10.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails to check for multi-layer nested mvg conversions to svg, leading to DoS. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
- CVE-2026-23952Jan 22, 2026affected < 14.10.2fixed 14.10.2
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions 14.10.1 and below have a NULL pointer dereference vulnerability in the MSL (Magick Scripting Language) parser when processing tags before images are loaded. This can
- CVE-2026-22770Jan 20, 2026affected < 14.10.2fixed 14.10.2
ImageMagick is free and open-source software used for editing and manipulating digital images. The BilateralBlurImage method will allocate a set of double buffers inside AcquireBilateralTLS. But, in versions prior to 7.1.2-13, the last element in the set is not properly initializ
- CVE-2025-53015Jul 14, 2025affected < 14.7.0fixed 14.7.0
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0, infinite lines occur when writing during a specific XMP file conversion command. Version 7.1.2-0 fixes the issue.
- CVE-2023-1289Mar 23, 2023affected < 13.0.0fixed 13.0.0
A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," result
Page 3 of 3