Imagemagick CVEs and Security Vulnerabilities

Filtered by vendor Imagemagick Subscriptions

Search

Switch to Advanced Search (Beta)

Total 672 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2014-9843	4 Canonical, Imagemagick, Opensuse and 1 more	8 Ubuntu Linux, Imagemagick, Opensuse and 5 more	2025-04-20	N/A
The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors.
CVE-2017-11166	2 Imagemagick, Redhat	2 Imagemagick, Enterprise Linux	2025-04-20	N/A
The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the header of an XWD file.
CVE-2017-6498	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS.
CVE-2017-13768	3 Canonical, Debian, Imagemagick	3 Ubuntu Linux, Debian Linux, Imagemagick	2025-04-20	6.5 Medium
Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file.
CVE-2017-11522	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-13145	3 Canonical, Debian, Imagemagick	3 Ubuntu Linux, Debian Linux, Imagemagick	2025-04-20	6.5 Medium
In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash.
CVE-2017-17882	2 Canonical, Imagemagick	2 Ubuntu Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted XPM image file.
CVE-2016-7530	1 Imagemagick	1 Imagemagick	2025-04-20	6.5 Medium
The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file.
CVE-2017-13133	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file.
CVE-2017-17880	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBP_DECODER_ABI_VERSION check.
CVE-2017-6502	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS).
CVE-2016-10066	1 Imagemagick	1 Imagemagick	2025-04-20	5.5 Medium
Buffer overflow in the ReadVIFFImage function in coders/viff.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVE-2017-17681	2 Canonical, Imagemagick	2 Ubuntu Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file.
CVE-2017-17504	3 Canonical, Debian, Imagemagick	3 Ubuntu Linux, Debian Linux, Imagemagick	2025-04-20	6.5 Medium
ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.
CVE-2017-7275	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.
CVE-2016-10062	1 Imagemagick	1 Imagemagick	2025-04-20	5.5 Medium
The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVE-2016-7514	1 Imagemagick	1 Imagemagick	2025-04-20	6.5 Medium
The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
CVE-2017-17914	3 Canonical, Debian, Imagemagick	3 Ubuntu Linux, Debian Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file.
CVE-2017-17499	3 Canonical, Debian, Imagemagick	3 Ubuntu Linux, Debian Linux, Imagemagick	2025-04-20	9.8 Critical
ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.
CVE-2014-9847	4 Canonical, Imagemagick, Opensuse and 1 more	10 Ubuntu Linux, Imagemagick, Opensuse and 7 more	2025-04-20	N/A
The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.

« first previous Page 16 of 34. next last »