Filtered by vendor Imagemagick
Subscribe
Total
768 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0802 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 16 Linux, Imlib, Imlib2 and 13 more | 2026-06-16 | 5.1 MEDIUM | N/A |
| Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. | |||||
| CVE-2003-0555 | 1 Imagemagick | 1 Imagemagick | 2026-06-16 | 7.5 HIGH | N/A |
| ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a "%x" filename, possibly triggering a format string vulnerability. | |||||
| CVE-2003-0455 | 1 Imagemagick | 1 Libmagick Library | 2026-06-16 | 4.6 MEDIUM | N/A |
| The imagemagick libmagick library 5.5 and earlier creates temporary files insecurely, which allows local users to create or overwrite arbitrary files. | |||||
| CVE-2026-48733 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | N/A | 4.7 MEDIUM |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, an infinite loop in the subimage-search operation can happen when using a crafted image. This issue has been patched in versions 6.9.13-49 and 7.1.2-24. | |||||
| CVE-2026-48734 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | N/A | 5.5 MEDIUM |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, a crafted MVG file could result in a stack overflow due to a missing depth or visited-set check. This issue has been patched in versions 6.9.13-49 and 7.1.2-24. | |||||
| CVE-2026-48994 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | N/A | 5.9 MEDIUM |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check of a return value could lead to a heap buffer over-write in the MAT decoder on 32-bit systems. This issue has been patched in versions 6.9.13-48 and 7.1.2-24. | |||||
| CVE-2026-49218 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | N/A | 7.5 HIGH |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check in the DCM decoder could result in an image with invalid dimensions and that could cause crashes in other operation. This issue has been patched in versions 6.9.13-48 and 7.1.2-24. | |||||
| CVE-2026-49219 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | N/A | 5.5 MEDIUM |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, an incorrect parsing of the filename can result in a policy bypass and read files disallowed by a security policy using a symlink. This issue has been patched in versions 6.9.13-48 and 7.1.2-24. | |||||
| CVE-2026-53460 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | N/A | 7.5 HIGH |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, a missing check for maximum memory request in AcquireAlignedMemory could trigger an out-of-Memory condition. This issue has been patched in versions 6.9.13-50 and 7.1.2-25. | |||||
| CVE-2026-53461 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | N/A | 7.5 HIGH |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, an incorrect loop in the ICON decoder can result in an out of bounds heap write resulting in a crash. This issue has been patched in versions 6.9.13-50 and 7.1.2-25. | |||||
| CVE-2026-53462 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | N/A | 5.9 MEDIUM |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when an allocation fails in CheckPrimitiveExtent this can result in a heap-use-after-free and result in a crash. This issue has been patched in versions 6.9.13-50 and 7.1.2-25. | |||||
| CVE-2026-53463 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | N/A | 4.3 MEDIUM |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when passing incorrect arguments in the distort operation a null pointer deference will occur. This issue has been patched in versions 6.9.13-50 and 7.1.2-25. | |||||
| CVE-2026-53464 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | N/A | 4.0 MEDIUM |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, when providing invalid options to the wand option parser a small memory leak will occur. This issue has been patched in version 7.1.2-25. | |||||
| CVE-2026-53465 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | N/A | 6.2 MEDIUM |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, a crafted multi-frame can result in a heap buffer over-write when encoding it with the SF3 encoder. This issue has been patched in version 7.1.2-25. | |||||
| CVE-2026-48724 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | N/A | 5.5 MEDIUM |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-24, when using an image with mask the Floyd-Steinberg dithering method it will cause a negative heap buffer over-write. This issue has been patched in version 7.1.2-24. | |||||
| CVE-2026-47166 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | N/A | 5.7 MEDIUM |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-read in the server process. This issue has been patched in versions 6.9.13-48 and 7.1.2-23. | |||||
| CVE-2026-47165 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | N/A | 4.1 MEDIUM |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, the distributed pixel cache was originally designed to operate without a challenge–response authentication model. This has been changed in versions 6.9.13-48 and 7.1.2-23. | |||||
| CVE-2026-46693 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | N/A | 4.1 MEDIUM |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can hijack a file descriptor in the server process when a race condition is met. This issue has been patched in versions 6.9.13-48 and 7.1.2-23. | |||||
| CVE-2026-46692 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | N/A | 4.1 MEDIUM |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-write in the server process. This issue has been patched in versions 6.9.13-48 and 7.1.2-23. | |||||
| CVE-2026-46559 | 1 Imagemagick | 1 Imagemagick | 2026-06-11 | N/A | 4.0 MEDIUM |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an incorrect check in the JP2 will result in an heap buffer over-write of a single byte when specifying certain options. This issue has been patched in versions 6.9.13-48 and 7.1.2-23. | |||||