Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Imagemagick Subscribe
Filtered by product Imagemagick
Total 648 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-8830 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-12435 1 Imagemagick 1 Imagemagick 2025-04-20 7.8 HIGH 7.5 HIGH
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service.
CVE-2017-17914 3 Canonical, Debian, Imagemagick 3 Ubuntu Linux, Debian Linux, Imagemagick 2025-04-20 7.1 HIGH 6.5 MEDIUM
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file.
CVE-2017-12669 1 Imagemagick 1 Imagemagick 2025-04-20 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteCALSImage in coders/cals.c.
CVE-2014-9841 4 Canonical, Imagemagick, Opensuse and 1 more 8 Ubuntu Linux, Imagemagick, Opensuse and 5 more 2025-04-20 7.5 HIGH 9.8 CRITICAL
The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions."
CVE-2016-10068 3 Imagemagick, Opensuse, Opensuse Project 3 Imagemagick, Leap, Leap 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file.
CVE-2017-14624 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2025-04-20 7.5 HIGH 9.8 CRITICAL
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.
CVE-2017-17881 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted MAT image file.
CVE-2017-11752 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
The ReadMAGICKImage function in coders/magick.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-17499 3 Canonical, Debian, Imagemagick 3 Ubuntu Linux, Debian Linux, Imagemagick 2025-04-20 7.5 HIGH 9.8 CRITICAL
ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.
CVE-2017-14342 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file.
CVE-2017-14137 1 Imagemagick 1 Imagemagick 2025-04-20 5.0 MEDIUM 7.5 HIGH
ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header.
CVE-2017-9098 3 Debian, Graphicsmagick, Imagemagick 3 Debian Linux, Graphicsmagick, Imagemagick 2025-04-20 5.0 MEDIUM 7.5 HIGH
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c.
CVE-2017-5506 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 6.8 MEDIUM 7.8 HIGH
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
CVE-2017-7941 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
CVE-2017-12666 1 Imagemagick 1 Imagemagick 2025-04-20 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteINLINEImage in coders/inline.c.
CVE-2014-9838 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash).
CVE-2017-9409 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2016-7540 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
coders/rgf.c in ImageMagick before 6.9.4-10 allows remote attackers to cause a denial of service (assertion failure) by converting an image to rgf format.
CVE-2016-10056 1 Imagemagick 1 Imagemagick 2025-04-20 6.8 MEDIUM 7.8 HIGH
Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.