Imagemagick
by ImageMagick
Source repositories
CVEs (781)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-49219 | Med | 0.36 | 5.5 | 0.00 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, an incorrect parsing of the filename can result in a policy bypass and read files disallowed by a security policy using a symlink. This issue… | ||
| CVE-2026-48734 | Med | 0.36 | 5.5 | 0.00 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, a crafted MVG file could result in a stack overflow due to a missing depth or visited-set check. This issue has been patched in versions… | ||
| CVE-2026-48724 | Med | 0.36 | 5.5 | 0.00 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-24, when using an image with mask the Floyd-Steinberg dithering method it will cause a negative heap buffer over-write. This issue has been patched in version… | ||
| CVE-2026-46521 | Med | 0.36 | 5.5 | 0.00 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when using LZMA compression in the MIFF encoder an out of bounds write can occur due to a missing check. This issue has been patched in… | ||
| CVE-2026-42050 | Med | 0.36 | 5.5 | 0.00 | May 11, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in the display tool and right-clicks a tile to invoke the Load / Update menu item.… | ||
| CVE-2017-10995 | Med | 0.36 | 5.5 | 0.02 | Jul 7, 2017 | The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image. | ||
| CVE-2015-8959 | Med | 0.36 | 6.5 | 0.03 | Apr 20, 2017 | coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file. | ||
| CVE-2014-8562 | Med | 0.36 | 5.5 | 0.02 | Apr 11, 2017 | DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read). | ||
| CVE-2014-8355 | Med | 0.36 | 5.5 | 0.02 | Apr 11, 2017 | PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read). | ||
| CVE-2014-9818 | Med | 0.36 | 5.5 | 0.01 | Mar 30, 2017 | ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file. | ||
| CVE-2014-9816 | Med | 0.36 | 5.5 | 0.01 | Mar 30, 2017 | ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file. | ||
| CVE-2014-9815 | Med | 0.36 | 5.5 | 0.01 | Mar 30, 2017 | ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file. | ||
| CVE-2014-9814 | Med | 0.36 | 5.5 | 0.01 | Mar 30, 2017 | ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file. | ||
| CVE-2014-9813 | Med | 0.36 | 5.5 | 0.01 | Mar 30, 2017 | ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file. | ||
| CVE-2014-9812 | Med | 0.36 | 5.5 | 0.01 | Mar 30, 2017 | ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file. | ||
| CVE-2014-9811 | Med | 0.36 | 5.5 | 0.01 | Mar 30, 2017 | The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file. | ||
| CVE-2014-9810 | Med | 0.36 | 5.5 | 0.01 | Mar 30, 2017 | The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file. | ||
| CVE-2014-9809 | Med | 0.36 | 5.5 | 0.01 | Mar 30, 2017 | ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image. | ||
| CVE-2014-9808 | Med | 0.36 | 5.5 | 0.01 | Mar 30, 2017 | ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image. | ||
| CVE-2014-9807 | Med | 0.36 | 5.5 | 0.01 | Mar 30, 2017 | The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors. |
- risk 0.36cvss 5.5epss 0.00
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, an incorrect parsing of the filename can result in a policy bypass and read files disallowed by a security policy using a symlink. This issue…
- risk 0.36cvss 5.5epss 0.00
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, a crafted MVG file could result in a stack overflow due to a missing depth or visited-set check. This issue has been patched in versions…
- risk 0.36cvss 5.5epss 0.00
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-24, when using an image with mask the Floyd-Steinberg dithering method it will cause a negative heap buffer over-write. This issue has been patched in version…
- risk 0.36cvss 5.5epss 0.00
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when using LZMA compression in the MIFF encoder an out of bounds write can occur due to a missing check. This issue has been patched in…
- risk 0.36cvss 5.5epss 0.00
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in the display tool and right-clicks a tile to invoke the Load / Update menu item.…
- risk 0.36cvss 5.5epss 0.02
The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image.
- risk 0.36cvss 6.5epss 0.03
coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.
- risk 0.36cvss 5.5epss 0.02
DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
- risk 0.36cvss 5.5epss 0.02
PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
- risk 0.36cvss 5.5epss 0.01
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file.
- risk 0.36cvss 5.5epss 0.01
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file.
- risk 0.36cvss 5.5epss 0.01
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file.
- risk 0.36cvss 5.5epss 0.01
ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file.
- risk 0.36cvss 5.5epss 0.01
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file.
- risk 0.36cvss 5.5epss 0.01
ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file.
- risk 0.36cvss 5.5epss 0.01
The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file.
- risk 0.36cvss 5.5epss 0.01
The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file.
- risk 0.36cvss 5.5epss 0.01
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image.
- risk 0.36cvss 5.5epss 0.01
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image.
- risk 0.36cvss 5.5epss 0.01
The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors.
Page 21 of 40