VYPR

Imagemagick

by ImageMagick

Source repositories

CVEs (781)

  • CVE-2026-33900MedApr 13, 2026
    risk 0.31cvss 5.9epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the viff encoder contains an integer truncation/wraparound issue on 32-bit builds that could trigger an out of bounds heap write,…

  • CVE-2026-40311MedApr 13, 2026
    risk 0.29cvss 5.5epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below 7.1.2-19 and 6.9.13-44 contain a heap use-after-free vulnerability that can cause a crash when reading and printing values from an invalid XMP profile. This issue has…

  • CVE-2026-40310MedApr 13, 2026
    risk 0.29cvss 5.5epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below both 7.1.2-19 and 6.9.13-44, contain a heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index. This issue has been fixed in…

  • CVE-2026-40183MedApr 13, 2026
    risk 0.29cvss 5.5epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, the JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats. This issue has been fixed in version…

  • CVE-2026-33905MedApr 13, 2026
    risk 0.29cvss 5.5epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the -sample operation has an out of bounds read when an specific offset is set through the `sample:offset` define that could lead to an…

  • CVE-2026-33902MedApr 13, 2026
    risk 0.29cvss 5.5epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a stack overflow vulnerability in ImageMagick's FX expression parser allows an attacker to crash the process by providing a deeply nested…

  • CVE-2016-10058MedMar 23, 2017
    risk 0.29cvss 5.5epss 0.02

    Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file.

  • CVE-2016-10053MedMar 23, 2017
    risk 0.29cvss 5.5epss 0.02

    The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.

  • CVE-2016-10047MedMar 23, 2017
    risk 0.29cvss 5.5epss 0.02

    Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMagick before 6.9.4-7 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML file.

  • CVE-2016-10046MedMar 23, 2017
    risk 0.29cvss 5.5epss 0.02

    Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file.

  • CVE-2015-8898MedMar 15, 2017
    risk 0.29cvss 5.5epss 0.02

    The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file.

  • CVE-2015-8897MedMar 15, 2017
    risk 0.29cvss 5.5epss 0.02

    The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (application crash) via a crafted png file.

  • CVE-2015-8894MedMar 15, 2017
    risk 0.29cvss 5.5epss 0.01

    Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file.

  • CVE-2016-10070MedMar 3, 2017
    risk 0.29cvss 5.5epss 0.02

    Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.

  • CVE-2016-10066MedMar 3, 2017
    risk 0.29cvss 5.5epss 0.02

    Buffer overflow in the ReadVIFFImage function in coders/viff.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a crafted file.

  • CVE-2016-10071MedMar 2, 2017
    risk 0.29cvss 5.5epss 0.02

    coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.

  • CVE-2016-10069MedMar 2, 2017
    risk 0.29cvss 5.5epss 0.02

    coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames.

  • CVE-2016-10068MedMar 2, 2017
    risk 0.29cvss 5.5epss 0.02

    The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file.

  • CVE-2015-8900MedFeb 27, 2017
    risk 0.29cvss 5.5epss 0.02

    The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file.

  • CVE-2026-53463MedJun 10, 2026
    risk 0.28cvss 4.3epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when passing incorrect arguments in the distort operation a null pointer deference will occur. This issue has been patched in versions…

Page 24 of 40