Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Imagemagick Subscribe
Total 646 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-14682 1 Imagemagick 1 Imagemagick 2025-04-20 6.8 MEDIUM 8.8 HIGH
GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928.
CVE-2017-15015 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2025-04-20 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c.
CVE-2016-7515 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels.
CVE-2017-13060 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2016-10054 1 Imagemagick 1 Imagemagick 2025-04-20 6.8 MEDIUM 7.8 HIGH
Buffer overflow in the WriteMAPImage function in coders/map.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2017-11360 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a large loop vulnerability via a crafted rle file that triggers a huge number_pixels value.
CVE-2017-13658 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c.
CVE-2017-14626 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2025-04-20 7.5 HIGH 9.8 CRITICAL
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.
CVE-2016-9559 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.
CVE-2014-9853 6 Canonical, Imagemagick, Novell and 3 more 11 Ubuntu Linux, Imagemagick, Leap and 8 more 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.
CVE-2017-14505 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input.
CVE-2016-5239 1 Imagemagick 1 Imagemagick 2025-04-20 7.5 HIGH 9.8 CRITICAL
The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors.
CVE-2017-11352 3 Canonical, Debian, Imagemagick 3 Ubuntu Linux, Debian Linux, Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144.
CVE-2017-12431 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.6-1, a use-after-free vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service.
CVE-2017-12644 1 Imagemagick 1 Imagemagick 2025-04-20 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in coders\dcm.c.
CVE-2016-7522 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
CVE-2017-12691 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2025-04-20 7.1 HIGH 6.5 MEDIUM
The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
CVE-2014-9844 5 Canonical, Imagemagick, Opensuse and 2 more 10 Ubuntu Linux, Imagemagick, Opensuse and 7 more 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
CVE-2016-7525 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
CVE-2017-12662 1 Imagemagick 1 Imagemagick 2025-04-20 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in coders/pdf.c.