Imagemagick CVEs and Security Vulnerabilities

Filtered by vendor Imagemagick Subscriptions

Search

Switch to Advanced Search (Beta)

Total 672 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2014-9846	5 Canonical, Imagemagick, Opensuse and 2 more	11 Ubuntu Linux, Imagemagick, Leap and 8 more	2025-04-20	N/A
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.
CVE-2014-9849	4 Canonical, Imagemagick, Opensuse and 1 more	9 Ubuntu Linux, Imagemagick, Opensuse and 6 more	2025-04-20	N/A
The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).
CVE-2014-9851	4 Canonical, Imagemagick, Opensuse and 1 more	9 Ubuntu Linux, Imagemagick, Opensuse and 6 more	2025-04-20	N/A
ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).
CVE-2014-9853	6 Canonical, Imagemagick, Novell and 3 more	11 Ubuntu Linux, Imagemagick, Leap and 8 more	2025-04-20	5.5 Medium
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.
CVE-2015-8894	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file.
CVE-2015-8901	1 Imagemagick	1 Imagemagick	2025-04-20	6.5 Medium
ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.
CVE-2015-8957	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.
CVE-2015-8958	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.
CVE-2017-8345	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-5, the ReadMNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-15277	2 Graphicsmagick, Imagemagick	2 Graphicsmagick, Imagemagick	2025-04-20	N/A
ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data sometimes can be leaked via the uninitialized palette.
CVE-2017-5506	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	7.8 High
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
CVE-2017-12140	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consumption via a crafted DCM file.
CVE-2016-10145	1 Imagemagick	1 Imagemagick	2025-04-20	9.8 Critical
Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.
CVE-2016-10047	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMagick before 6.9.4-7 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML file.
CVE-2016-10058	1 Imagemagick	1 Imagemagick	2025-04-20	5.5 Medium
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file.
CVE-2016-9773	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9556.
CVE-2016-9298	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted image.
CVE-2016-7799	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	6.5 Medium
MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVE-2016-7906	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	5.5 Medium
magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file.
CVE-2016-8862	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	8.8 High
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.

« first previous Page 4 of 34. next last »