VYPR

Imagemagick

by ImageMagick

Source repositories

CVEs (781)

  • CVE-2016-10146HigMar 24, 2017
    risk 0.42cvss 7.5epss 0.05

    Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

  • CVE-2016-10048HigMar 23, 2017
    risk 0.42cvss 7.5epss 0.07

    Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors.

  • CVE-2015-8895HigMar 15, 2017
    risk 0.42cvss 7.5epss 0.05

    Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow.

  • CVE-2016-10067HigMar 2, 2017
    risk 0.42cvss 7.5epss 0.03

    magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving "too many exceptions," which trigger a buffer overflow.

  • CVE-2015-8903MedFeb 27, 2017
    risk 0.42cvss 6.5epss 0.02

    The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.

  • CVE-2015-8902MedFeb 27, 2017
    risk 0.42cvss 6.5epss 0.02

    The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.

  • CVE-2015-8901MedFeb 27, 2017
    risk 0.42cvss 6.5epss 0.02

    ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.

  • CVE-2016-7101MedJan 18, 2017
    risk 0.42cvss 6.5epss 0.03

    The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file.

  • CVE-2012-1798MedJun 5, 2012
    risk 0.42cvss 6.5epss 0.02

    The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.

  • CVE-2012-0260MedJun 5, 2012
    risk 0.42cvss 6.5epss 0.02

    The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers.

  • CVE-2012-0259MedJun 5, 2012
    risk 0.42cvss 6.5epss 0.02

    The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read.

  • CVE-2026-53465MedJun 10, 2026
    risk 0.40cvss 6.2epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, a crafted multi-frame can result in a heap buffer over-write when encoding it with the SF3 encoder. This issue has been patched in version 7.1.2-25.

  • CVE-2026-46557MedJun 10, 2026
    risk 0.40cvss 6.2epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-23, due to a missing depth check a stack overflow can occur in the fx operation by passing a crafted argument. This issue has been patched in version 7.1.2-23.

  • CVE-2026-46523MedJun 10, 2026
    risk 0.40cvss 6.2epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, a crafted MSL image can trigger a heap-use-after-free. Versions 7.1.2.23 and 6.9.13-48 fix the issue.

  • CVE-2014-8716MedApr 11, 2017
    risk 0.40cvss 6.2epss 0.00

    The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).

  • CVE-2016-3717MedMay 5, 2016
    risk 0.40cvss 5.5epss 0.20

    The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.

  • CVE-2026-53462MedJun 10, 2026
    risk 0.38cvss 5.9epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when an allocation fails in CheckPrimitiveExtent this can result in a heap-use-after-free and result in a crash. This issue has been patched…

  • CVE-2026-48994MedJun 10, 2026
    risk 0.38cvss 5.9epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check of a return value could lead to a heap buffer over-write in the MAT decoder on 32-bit systems. This issue has been patched in…

  • CVE-2026-47166MedJun 10, 2026
    risk 0.37cvss 5.7epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-read in the server process. This issue has been…

  • CVE-2026-45359MedJun 10, 2026
    risk 0.37cvss 5.7epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation.…

Page 20 of 40