Imagemagick CVEs and Security Vulnerabilities

Filtered by vendor Imagemagick Subscriptions

Search

Switch to Advanced Search (Beta)

Total 739 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2017-14224	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service or code execution via a crafted file.
CVE-2017-11536	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteJP2Image() function in coders/jp2.c.
CVE-2017-11534	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the lite_font_map() function in coders/wmf.c.
CVE-2017-10928	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c.
CVE-2017-14343	2 Canonical, Imagemagick	2 Ubuntu Linux, Imagemagick	2025-04-20	N/A
ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file.
CVE-2017-11528	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-11526	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file.
CVE-2017-11522	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-11523	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered.
CVE-2014-9852	3 Imagemagick, Opensuse, Suse	7 Imagemagick, Leap, Opensuse and 4 more	2025-04-20	9.8 Critical
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.
CVE-2017-14060	2 Canonical, Imagemagick	2 Ubuntu Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file) by submitting a malformed image file.
CVE-2017-15033	2 Canonical, Imagemagick	2 Ubuntu Linux, Imagemagick	2025-04-20	N/A
ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.
CVE-2017-11449	1 Imagemagick	1 Imagemagick	2025-04-20	8.8 High
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.
CVE-2017-11360	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a large loop vulnerability via a crafted rle file that triggers a huge number_pixels value.
CVE-2014-9832	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file.
CVE-2017-10995	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image.
CVE-2014-9830	1 Imagemagick	1 Imagemagick	2025-04-20	8.8 High
coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file.
CVE-2017-14248	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file.
CVE-2016-8862	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	8.8 High
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.
CVE-2014-9829	1 Imagemagick	1 Imagemagick	2025-04-20	6.5 Medium
coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file.

« first previous Page 8 of 37. next last »