Imagemagick
by ImageMagick
Source repositories
CVEs (781)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-7538 | Med | 0.43 | 6.5 | 0.03 | Apr 20, 2017 | coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file. | ||
| CVE-2016-7535 | Med | 0.43 | 6.5 | 0.03 | Apr 20, 2017 | coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file. | ||
| CVE-2016-7534 | Med | 0.43 | 6.5 | 0.03 | Apr 20, 2017 | The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file. | ||
| CVE-2016-7530 | Med | 0.43 | 6.5 | 0.03 | Apr 20, 2017 | The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file. | ||
| CVE-2016-7526 | Med | 0.43 | 6.5 | 0.04 | Apr 20, 2017 | coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file. | ||
| CVE-2016-7521 | Med | 0.43 | 6.5 | 0.04 | Apr 20, 2017 | Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file. | ||
| CVE-2016-7537 | Med | 0.43 | 6.5 | 0.03 | Apr 19, 2017 | MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file. | ||
| CVE-2016-9559 | Med | 0.43 | 6.5 | 0.04 | Mar 1, 2017 | coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image. | ||
| CVE-2016-7799 | Med | 0.43 | 6.5 | 0.04 | Jan 18, 2017 | MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | ||
| CVE-2026-33908 | Hig | 0.42 | 7.5 | 0.01 | Apr 13, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, Magick frees the memory of the XML tree via the `DestroyXMLTree()` function; however, this process is executed recursively with no depth… | ||
| CVE-2026-33901 | Hig | 0.42 | 7.5 | 0.01 | Apr 13, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image. This issue… | ||
| CVE-2018-18025 | Med | 0.42 | 6.5 | 0.03 | Oct 7, 2018 | In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file. | ||
| CVE-2018-18024 | Med | 0.42 | 6.5 | 0.03 | Oct 7, 2018 | In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. | ||
| CVE-2018-18023 | Med | 0.42 | 6.5 | 0.01 | Oct 7, 2018 | In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file. | ||
| CVE-2018-17967 | Med | 0.42 | 6.5 | 0.01 | Oct 3, 2018 | ImageMagick 7.0.7-28 has a memory leak vulnerability in ReadBGRImage in coders/bgr.c. | ||
| CVE-2018-17966 | Med | 0.42 | 6.5 | 0.02 | Oct 3, 2018 | ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c. | ||
| CVE-2018-17965 | Med | 0.42 | 6.5 | 0.02 | Oct 3, 2018 | ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c. | ||
| CVE-2018-16750 | Med | 0.42 | 6.5 | 0.03 | Sep 9, 2018 | In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found. | ||
| CVE-2018-14437 | Med | 0.42 | 6.5 | 0.02 | Jul 20, 2018 | ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c. | ||
| CVE-2018-14436 | Med | 0.42 | 6.5 | 0.02 | Jul 20, 2018 | ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c. |
- risk 0.43cvss 6.5epss 0.03
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
- risk 0.43cvss 6.5epss 0.03
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file.
- risk 0.43cvss 6.5epss 0.03
The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file.
- risk 0.43cvss 6.5epss 0.03
The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file.
- risk 0.43cvss 6.5epss 0.04
coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
- risk 0.43cvss 6.5epss 0.04
Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
- risk 0.43cvss 6.5epss 0.03
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.
- risk 0.43cvss 6.5epss 0.04
coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.
- risk 0.43cvss 6.5epss 0.04
MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
- risk 0.42cvss 7.5epss 0.01
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, Magick frees the memory of the XML tree via the `DestroyXMLTree()` function; however, this process is executed recursively with no depth…
- risk 0.42cvss 7.5epss 0.01
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image. This issue…
- risk 0.42cvss 6.5epss 0.03
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file.
- risk 0.42cvss 6.5epss 0.03
In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.
- risk 0.42cvss 6.5epss 0.01
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file.
- risk 0.42cvss 6.5epss 0.01
ImageMagick 7.0.7-28 has a memory leak vulnerability in ReadBGRImage in coders/bgr.c.
- risk 0.42cvss 6.5epss 0.02
ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c.
- risk 0.42cvss 6.5epss 0.02
ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c.
- risk 0.42cvss 6.5epss 0.03
In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found.
- risk 0.42cvss 6.5epss 0.02
ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c.
- risk 0.42cvss 6.5epss 0.02
ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c.
Page 9 of 40