VYPR

Vendor CVEs

ImageMagick

All CVEs

783 total · sorted by risk
  • CVE-2017-8347MedApr 30, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-8346MedApr 30, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.5-5, the ReadDCMImage function in dcm.c allows attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-8345MedApr 30, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.5-5, the ReadMNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-8344MedApr 30, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-8343MedApr 30, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.5-5, the ReadAAIImage function in aai.c allows attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2016-7540MedApr 20, 2017
    risk 0.42cvss 6.5epss 0.03

    coders/rgf.c in ImageMagick before 6.9.4-10 allows remote attackers to cause a denial of service (assertion failure) by converting an image to rgf format.

  • CVE-2016-7536MedApr 20, 2017
    risk 0.42cvss 6.5epss 0.03

    magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted profile.

  • CVE-2016-7532MedApr 20, 2017
    risk 0.42cvss 6.5epss 0.03

    coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.

  • CVE-2016-7527MedApr 20, 2017
    risk 0.42cvss 6.5epss 0.03

    coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.

  • CVE-2016-7525MedApr 20, 2017
    risk 0.42cvss 6.5epss 0.03

    Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.

  • CVE-2016-7520MedApr 20, 2017
    risk 0.42cvss 6.5epss 0.03

    Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted HDR file.

  • CVE-2016-7518MedApr 20, 2017
    risk 0.42cvss 6.5epss 0.03

    The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file.

  • CVE-2016-7517MedApr 20, 2017
    risk 0.42cvss 6.5epss 0.03

    The EncodeImage function in coders/pict.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PICT file.

  • CVE-2016-7516MedApr 20, 2017
    risk 0.42cvss 6.5epss 0.03

    The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file.

  • CVE-2016-7514MedApr 20, 2017
    risk 0.42cvss 6.5epss 0.03

    The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.

  • CVE-2016-7513MedApr 20, 2017
    risk 0.42cvss 6.5epss 0.02

    Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors.

  • CVE-2016-5010MedApr 20, 2017
    risk 0.42cvss 6.5epss 0.02

    coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file.

  • CVE-2016-7533MedApr 19, 2017
    risk 0.42cvss 6.5epss 0.03

    The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG file.

  • CVE-2016-7531MedApr 19, 2017
    risk 0.42cvss 6.5epss 0.03

    MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB file.

  • CVE-2016-7529MedApr 19, 2017
    risk 0.42cvss 6.5epss 0.03

    coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file.

  • CVE-2016-7528MedApr 19, 2017
    risk 0.42cvss 6.5epss 0.03

    The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file.

  • CVE-2016-7522MedApr 19, 2017
    risk 0.42cvss 6.5epss 0.03

    The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.

  • CVE-2016-7519MedApr 19, 2017
    risk 0.42cvss 6.5epss 0.03

    The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.

  • CVE-2016-7515MedApr 19, 2017
    risk 0.42cvss 6.5epss 0.03

    The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels.

  • CVE-2017-7943MedApr 18, 2017
    risk 0.42cvss 6.5epss 0.03

    The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.

  • CVE-2017-7942MedApr 18, 2017
    risk 0.42cvss 6.5epss 0.02

    The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.

  • CVE-2017-7941MedApr 18, 2017
    risk 0.42cvss 6.5epss 0.03

    The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.

  • CVE-2014-9837MedApr 11, 2017
    risk 0.42cvss 6.5epss 0.02

    coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.

  • CVE-2014-8354MedApr 11, 2017
    risk 0.42cvss 6.5epss 0.03

    The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.

  • CVE-2017-7606MedApr 9, 2017
    risk 0.42cvss 6.5epss 0.02

    coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted…

  • CVE-2014-9829MedApr 5, 2017
    risk 0.42cvss 6.5epss 0.02

    coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file.

  • CVE-2016-10146HigMar 24, 2017
    risk 0.42cvss 7.5epss 0.05

    Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

  • CVE-2016-10048HigMar 23, 2017
    risk 0.42cvss 7.5epss 0.07

    Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors.

  • CVE-2015-8895HigMar 15, 2017
    risk 0.42cvss 7.5epss 0.05

    Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow.

  • CVE-2016-10067HigMar 2, 2017
    risk 0.42cvss 7.5epss 0.03

    magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving "too many exceptions," which trigger a buffer overflow.

  • CVE-2015-8903MedFeb 27, 2017
    risk 0.42cvss 6.5epss 0.02

    The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.

  • CVE-2015-8902MedFeb 27, 2017
    risk 0.42cvss 6.5epss 0.02

    The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.

  • CVE-2015-8901MedFeb 27, 2017
    risk 0.42cvss 6.5epss 0.02

    ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.

  • CVE-2016-7101MedJan 18, 2017
    risk 0.42cvss 6.5epss 0.03

    The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file.

  • CVE-2012-1798MedJun 5, 2012
    risk 0.42cvss 6.5epss 0.02

    The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.

  • CVE-2012-0260MedJun 5, 2012
    risk 0.42cvss 6.5epss 0.02

    The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers.

  • CVE-2012-0259MedJun 5, 2012
    risk 0.42cvss 6.5epss 0.02

    The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read.

  • CVE-2026-53465MedJun 10, 2026
    risk 0.40cvss 6.2epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, a crafted multi-frame can result in a heap buffer over-write when encoding it with the SF3 encoder. This issue has been patched in version 7.1.2-25.

  • CVE-2026-46557MedJun 10, 2026
    risk 0.40cvss 6.2epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-23, due to a missing depth check a stack overflow can occur in the fx operation by passing a crafted argument. This issue has been patched in version 7.1.2-23.

  • CVE-2026-46523MedJun 10, 2026
    risk 0.40cvss 6.2epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, a crafted MSL image can trigger a heap-use-after-free. Versions 7.1.2.23 and 6.9.13-48 fix the issue.

  • CVE-2014-8716MedApr 11, 2017
    risk 0.40cvss 6.2epss 0.00

    The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).

  • CVE-2016-3717MedMay 5, 2016
    risk 0.40cvss 5.5epss 0.20

    The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.

  • CVE-2026-53462MedJun 10, 2026
    risk 0.38cvss 5.9epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when an allocation fails in CheckPrimitiveExtent this can result in a heap-use-after-free and result in a crash. This issue has been patched…

  • CVE-2026-48994MedJun 10, 2026
    risk 0.38cvss 5.9epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check of a return value could lead to a heap buffer over-write in the MAT decoder on 32-bit systems. This issue has been patched in…

  • CVE-2026-47166MedJun 10, 2026
    risk 0.37cvss 5.7epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-read in the server process. This issue has been…

Page 8 of 16