Imagemagick
by ImageMagick
Source repositories
CVEs (781)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-9835 | Hig | 0.51 | 7.8 | 0.01 | Mar 22, 2017 | Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file. | ||
| CVE-2014-9834 | Hig | 0.51 | 7.8 | 0.01 | Mar 22, 2017 | Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file. | ||
| CVE-2014-9833 | Hig | 0.51 | 7.8 | 0.01 | Mar 22, 2017 | Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file. | ||
| CVE-2014-9832 | Hig | 0.51 | 7.8 | 0.01 | Mar 22, 2017 | Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file. | ||
| CVE-2016-8707 | Hig | 0.51 | 7.8 | 0.04 | Dec 23, 2016 | An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability… | ||
| CVE-2007-4988 | Hig | 0.51 | 7.8 | 0.03 | Sep 24, 2007 | Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow. | ||
| CVE-2026-53461 | Hig | 0.49 | 7.5 | 0.00 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, an incorrect loop in the ICON decoder can result in an out of bounds heap write resulting in a crash. This issue has been patched in versions… | ||
| CVE-2026-53460 | Hig | 0.49 | 7.5 | 0.00 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, a missing check for maximum memory request in AcquireAlignedMemory could trigger an out-of-Memory condition. This issue has been patched in… | ||
| CVE-2026-49218 | Hig | 0.49 | 7.5 | 0.00 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check in the DCM decoder could result in an image with invalid dimensions and that could cause crashes in other operation. This… | ||
| CVE-2026-46520 | Hig | 0.49 | 7.5 | 0.00 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple images with different dimensions an out of bounds heap write can occur. This issue has been patched in versions… | ||
| CVE-2017-15033 | Hig | 0.49 | 7.5 | 0.02 | Oct 5, 2017 | ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c. | ||
| CVE-2017-14739 | Hig | 0.49 | 7.5 | 0.03 | Sep 26, 2017 | The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application… | ||
| CVE-2017-14137 | Hig | 0.49 | 7.5 | 0.01 | Sep 4, 2017 | ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header. | ||
| CVE-2017-13143 | Hig | 0.49 | 7.5 | 0.03 | Aug 23, 2017 | In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory. | ||
| CVE-2017-12435 | Hig | 0.49 | 7.5 | 0.02 | Aug 4, 2017 | In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service. | ||
| CVE-2017-12430 | Hig | 0.49 | 7.5 | 0.02 | Aug 4, 2017 | In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service. | ||
| CVE-2017-12429 | Hig | 0.49 | 7.5 | 0.02 | Aug 4, 2017 | In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service. | ||
| CVE-2017-12428 | Hig | 0.49 | 7.5 | 0.02 | Aug 4, 2017 | In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service in CloneDrawInfo in draw.c. | ||
| CVE-2017-12418 | Hig | 0.49 | 7.5 | 0.03 | Aug 4, 2017 | ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c. | ||
| CVE-2016-7539 | Hig | 0.49 | 7.5 | 0.05 | Jul 25, 2017 | Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. |
- risk 0.51cvss 7.8epss 0.01
Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file.
- risk 0.51cvss 7.8epss 0.01
Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file.
- risk 0.51cvss 7.8epss 0.01
Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file.
- risk 0.51cvss 7.8epss 0.01
Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file.
- risk 0.51cvss 7.8epss 0.04
An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability…
- risk 0.51cvss 7.8epss 0.03
Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow.
- risk 0.49cvss 7.5epss 0.00
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, an incorrect loop in the ICON decoder can result in an out of bounds heap write resulting in a crash. This issue has been patched in versions…
- risk 0.49cvss 7.5epss 0.00
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, a missing check for maximum memory request in AcquireAlignedMemory could trigger an out-of-Memory condition. This issue has been patched in…
- risk 0.49cvss 7.5epss 0.00
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check in the DCM decoder could result in an image with invalid dimensions and that could cause crashes in other operation. This…
- risk 0.49cvss 7.5epss 0.00
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple images with different dimensions an out of bounds heap write can occur. This issue has been patched in versions…
- risk 0.49cvss 7.5epss 0.02
ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.
- risk 0.49cvss 7.5epss 0.03
The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application…
- risk 0.49cvss 7.5epss 0.01
ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header.
- risk 0.49cvss 7.5epss 0.03
In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory.
- risk 0.49cvss 7.5epss 0.02
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service.
- risk 0.49cvss 7.5epss 0.02
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service.
- risk 0.49cvss 7.5epss 0.02
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service.
- risk 0.49cvss 7.5epss 0.02
In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service in CloneDrawInfo in draw.c.
- risk 0.49cvss 7.5epss 0.03
ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c.
- risk 0.49cvss 7.5epss 0.05
Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
Page 6 of 40