Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Imagemagick Subscribe
Total 649 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-9832 1 Imagemagick 1 Imagemagick 2025-04-20 6.8 MEDIUM 7.8 HIGH
Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file.
CVE-2017-12434 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service (assertion failure) in DestroyImageInfo in image.c.
CVE-2014-9847 4 Canonical, Imagemagick, Opensuse and 1 more 10 Ubuntu Linux, Imagemagick, Opensuse and 7 more 2025-04-20 7.5 HIGH 9.8 CRITICAL
The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.
CVE-2015-8901 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.
CVE-2017-17887 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function GetImagePixelCache in magick/cache.c, which allows attackers to cause a denial of service via a crafted MNG image file that is processed by ReadOneMNGImage.
CVE-2014-9811 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file.
CVE-2016-10061 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (crash) via a crafted image file.
CVE-2017-14139 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in coders/msl.c.
CVE-2016-7520 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted HDR file.
CVE-2017-9407 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-15032 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2025-04-20 7.5 HIGH 9.8 CRITICAL
ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
CVE-2014-9820 1 Imagemagick 1 Imagemagick 2025-04-20 6.8 MEDIUM 7.8 HIGH
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file.
CVE-2017-8345 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, the ReadMNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2015-8895 1 Imagemagick 1 Imagemagick 2025-04-20 5.0 MEDIUM 7.5 HIGH
Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow.
CVE-2017-11449 1 Imagemagick 1 Imagemagick 2025-04-20 6.8 MEDIUM 8.8 HIGH
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.
CVE-2017-11528 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2015-8898 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file.
CVE-2016-10057 1 Imagemagick 1 Imagemagick 2025-04-20 6.8 MEDIUM 7.8 HIGH
Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-7532 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
CVE-2016-8678 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says "This is a Q64 issue and we do not support Q64."