Vulnerabilities (CVE)

Filtered by vendor Imagemagick Subscribe
Total 645 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-13058 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-12673 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service.
CVE-2017-15017 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2025-04-20 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c.
CVE-2016-7517 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
The EncodeImage function in coders/pict.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PICT file.
CVE-2014-9817 1 Imagemagick 1 Imagemagick 2025-04-20 6.8 MEDIUM 7.8 HIGH
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file.
CVE-2014-9840 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file.
CVE-2016-10049 1 Imagemagick 1 Imagemagick 2025-04-20 6.8 MEDIUM 7.8 HIGH
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
CVE-2016-7539 1 Imagemagick 1 Imagemagick 2025-04-20 7.8 HIGH 7.5 HIGH
Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
CVE-2016-10067 1 Imagemagick 1 Imagemagick 2025-04-20 5.0 MEDIUM 7.5 HIGH
magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving "too many exceptions," which trigger a buffer overflow.
CVE-2016-8866 2 Imagemagick, Opensuse 3 Imagemagick, Leap, Opensuse 2025-04-20 6.8 MEDIUM 8.8 HIGH
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862.
CVE-2016-10062 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVE-2017-14682 1 Imagemagick 1 Imagemagick 2025-04-20 6.8 MEDIUM 8.8 HIGH
GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928.
CVE-2017-12674 1 Imagemagick 1 Imagemagick 2025-04-20 7.1 HIGH 6.5 MEDIUM
In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service.
CVE-2016-7515 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels.
CVE-2017-14343 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file.
CVE-2017-13143 1 Imagemagick 1 Imagemagick 2025-04-20 5.0 MEDIUM 7.5 HIGH
In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory.
CVE-2017-8345 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, the ReadMNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-12433 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadPESImage in coders/pes.c, which allows attackers to cause a denial of service, related to ResizeMagickMemory in memory.c.
CVE-2017-14174 3 Canonical, Debian, Imagemagick 3 Ubuntu Linux, Debian Linux, Imagemagick 2025-04-20 7.1 HIGH 6.5 MEDIUM
In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.
CVE-2017-8355 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows attackers to cause a denial of service (memory leak) via a crafted file.