Imagemagick CVEs and Security Vulnerabilities

Filtered by vendor Imagemagick Subscriptions

Filtered by product Imagemagick Subscriptions

Search

Switch to Advanced Search (Beta)

Total 723 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2017-11540	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex() function, called from the WritePICONImage function in coders/xpm.c.
CVE-2016-10053	1 Imagemagick	1 Imagemagick	2025-04-20	5.5 Medium
The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.
CVE-2016-10051	2 Imagemagick, Opensuse	2 Imagemagick, Leap	2025-04-20	7.8 High
Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2017-11534	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the lite_font_map() function in coders/wmf.c.
CVE-2016-10145	1 Imagemagick	1 Imagemagick	2025-04-20	9.8 Critical
Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.
CVE-2017-11450	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	8.8 High
coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.
CVE-2017-14533	2 Canonical, Imagemagick	2 Ubuntu Linux, Imagemagick	2025-04-20	N/A
ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c.
CVE-2017-15032	2 Canonical, Imagemagick	2 Ubuntu Linux, Imagemagick	2025-04-20	N/A
ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
CVE-2016-10048	2 Imagemagick, Opensuse Project	2 Imagemagick, Leap	2025-04-20	N/A
Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors.
CVE-2016-10046	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
CVE-2017-11529	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-12434	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service (assertion failure) in DestroyImageInfo in image.c.
CVE-2015-8959	1 Imagemagick	1 Imagemagick	2025-04-20	6.5 Medium
coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.
CVE-2014-9845	5 Canonical, Imagemagick, Opensuse and 2 more	11 Ubuntu Linux, Imagemagick, Leap and 8 more	2025-04-20	N/A
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.
CVE-2017-14138	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors.
CVE-2015-8958	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.
CVE-2015-8900	1 Imagemagick	1 Imagemagick	2025-04-20	5.5 Medium
The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file.
CVE-2017-12428	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service in CloneDrawInfo in draw.c.
CVE-2015-8897	2 Imagemagick, Redhat	2 Imagemagick, Enterprise Linux	2025-04-20	N/A
The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (application crash) via a crafted png file.
CVE-2015-8895	2 Imagemagick, Redhat	2 Imagemagick, Enterprise Linux	2025-04-20	N/A
Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow.

« first previous Page 8 of 37. next last »