Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Imagemagick Subscribe
Filtered by product Imagemagick
Total 642 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-13902 1 Imagemagick 1 Imagemagick 2024-02-04 5.8 MEDIUM 7.1 HIGH
ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding.
CVE-2019-19948 4 Canonical, Debian, Imagemagick and 1 more 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more 2024-02-04 7.5 HIGH 9.8 CRITICAL
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.
CVE-2014-2030 3 Canonical, Imagemagick, Opensuse 3 Ubuntu Linux, Imagemagick, Opensuse 2024-02-04 6.8 MEDIUM 8.8 HIGH
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947.
CVE-2019-17547 1 Imagemagick 1 Imagemagick 2024-02-04 6.8 MEDIUM 8.8 HIGH
In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free.
CVE-2014-1958 3 Canonical, Imagemagick, Opensuse 3 Ubuntu Linux, Imagemagick, Opensuse 2024-02-04 6.8 MEDIUM 8.8 HIGH
Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.
CVE-2019-19949 4 Canonical, Debian, Imagemagick and 1 more 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more 2024-02-04 6.4 MEDIUM 9.1 CRITICAL
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.
CVE-2019-16709 3 Canonical, Imagemagick, Opensuse 4 Ubuntu Linux, Imagemagick, Backports and 1 more 2024-02-04 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.
CVE-2019-17541 1 Imagemagick 1 Imagemagick 2024-02-04 6.8 MEDIUM 8.8 HIGH
ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
CVE-2019-19952 1 Imagemagick 1 Imagemagick 2024-02-04 7.5 HIGH 9.8 CRITICAL
In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage.
CVE-2019-16712 2 Imagemagick, Opensuse 2 Imagemagick, Leap 2024-02-04 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.
CVE-2019-17540 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2024-02-04 6.8 MEDIUM 8.8 HIGH
ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.
CVE-2014-1947 2 Imagemagick, Suse 4 Imagemagick, Linux Enterprise Desktop, Linux Enterprise Server and 1 more 2024-02-04 6.8 MEDIUM 7.8 HIGH
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030.
CVE-2014-8561 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2024-02-04 4.3 MEDIUM 6.5 MEDIUM
imagemagick 6.8.9.6 has remote DOS via infinite loop
CVE-2019-16711 4 Canonical, Debian, Imagemagick and 1 more 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more 2024-02-04 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.
CVE-2016-7523 1 Imagemagick 1 Imagemagick 2024-02-04 4.3 MEDIUM 6.5 MEDIUM
coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVE-2016-7524 1 Imagemagick 1 Imagemagick 2024-02-04 4.3 MEDIUM 6.5 MEDIUM
coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVE-2019-16713 4 Canonical, Debian, Imagemagick and 1 more 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more 2024-02-04 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.
CVE-2020-10251 1 Imagemagick 1 Imagemagick 2024-02-04 4.3 MEDIUM 5.5 MEDIUM
In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.
CVE-2019-16708 4 Canonical, Debian, Imagemagick and 1 more 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more 2024-02-04 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.
CVE-2019-18853 1 Imagemagick 1 Imagemagick 2024-02-04 4.3 MEDIUM 6.5 MEDIUM
ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2.