Total
705 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-9808 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
|
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image.
|
|||||
| CVE-2017-17881 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted MAT image file.
|
|||||
| CVE-2017-9405 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file.
|
|||||
| CVE-2017-5511 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
|
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.
|
|||||
| CVE-2014-9804 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
|
vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to "too many object."
|
|||||
| CVE-2015-8896 | 3 Imagemagick, Oracle, Redhat | 8 Imagemagick, Linux, Enterprise Linux Desktop and 5 more | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file.
|
|||||
| CVE-2017-11447 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service.
|
|||||
| CVE-2017-12672 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service.
|
|||||
| CVE-2017-8357 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In ImageMagick 7.0.5-5, the ReadEPTImage function in ept.c allows attackers to cause a denial of service (memory leak) via a crafted file.
|
|||||
| CVE-2015-8897 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
|
The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (application crash) via a crafted png file.
|
|||||
| CVE-2017-7606 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
|
|||||
| CVE-2017-11753 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted Flexible Image Transport System (FITS) file.
|
|||||
| CVE-2014-8562 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
|
DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
|
|||||
| CVE-2017-12669 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
|
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteCALSImage in coders/cals.c.
|
|||||
| CVE-2016-10057 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
|
|||||
| CVE-2016-9556 | 3 Debian, Imagemagick, Opensuse Project | 3 Debian Linux, Imagemagick, Leap | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
|
The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file.
|
|||||
| CVE-2017-12435 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
|
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service.
|
|||||
| CVE-2016-7526 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
|
|||||
| CVE-2017-7619 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
|
In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv.
|
|||||
| CVE-2016-10068 | 3 Imagemagick, Opensuse, Opensuse Project | 3 Imagemagick, Leap, Leap | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
|
The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file.
|
|||||
| CVE-2016-7522 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
|
|||||
| CVE-2014-9820 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file.
|
|||||
| CVE-2017-12670 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion failure in the function DestroyImage in MagickCore/image.c, which allows attackers to cause a denial of service.
|
|||||
| CVE-2017-14249 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in MagickCore/cache.c, allowing remote attackers to cause a denial of service via a crafted file.
|
|||||
| CVE-2017-11754 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.
|
|||||
| CVE-2014-9852 | 3 Imagemagick, Opensuse, Suse | 7 Imagemagick, Leap, Opensuse and 4 more | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
|
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.
|
|||||
| CVE-2014-9838 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
|
magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash).
|
|||||
| CVE-2014-9824 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825.
|
|||||
| CVE-2014-9818 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
|
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file.
|
|||||
| CVE-2016-10049 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
|
|||||
| CVE-2014-9811 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
|
The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file.
|
|||||
| CVE-2016-10145 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
|
Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.
|
|||||
| CVE-2017-5507 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
|
Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.
|
|||||
| CVE-2017-6502 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
|
An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS).
|
|||||
| CVE-2017-12692 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2025-04-20 | 7.1 HIGH | 6.5 MEDIUM |
|
The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file.
|
|||||
| CVE-2017-16546 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
|
The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file.
|
|||||
| CVE-2017-11533 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
|
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage() function in coders/uil.c.
|
|||||
| CVE-2017-14325 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2025-04-20 | 7.1 HIGH | 6.5 MEDIUM |
|
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file.
|
|||||
| CVE-2014-9827 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
|
coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.
|
|||||
| CVE-2014-9805 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
|
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file.
|
|||||