Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by vendor Imagemagick
Filtered by product Imagemagick
Angry Yack Logo
Total 705 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-9409 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-15015 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2025-04-20 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c.
CVE-2017-12643 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 7.1 HIGH 6.5 MEDIUM
ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJNGImage in coders\png.c.
CVE-2016-10056 1 Imagemagick 1 Imagemagick 2025-04-20 6.8 MEDIUM 7.8 HIGH
Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2017-5508 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.
CVE-2016-7906 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file.
CVE-2017-13062 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service (WriteMETAImage memory consumption) via a crafted file.
CVE-2017-17884 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file.
CVE-2016-9773 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9556.
CVE-2017-13058 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-12644 1 Imagemagick 1 Imagemagick 2025-04-20 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in coders\dcm.c.
CVE-2017-8355 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-17682 3 Canonical, Debian, Imagemagick 3 Ubuntu Linux, Debian Linux, Imagemagick 2025-04-20 7.1 HIGH 6.5 MEDIUM
In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call.
CVE-2017-14324 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2016-7513 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors.
CVE-2016-7536 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted profile.
CVE-2016-8678 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says "This is a Q64 issue and we do not support Q64."
CVE-2017-8348 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, the ReadMATImage function in mat.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2014-9815 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file.
CVE-2017-14533 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c.
CVE-2017-11528 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-14532 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2025-04-20 7.5 HIGH 9.8 CRITICAL
ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c.
CVE-2017-11531 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteHISTOGRAMImage() function in coders/histogram.c.
CVE-2017-7942 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
CVE-2017-15277 2 Graphicsmagick, Imagemagick 2 Graphicsmagick, Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data sometimes can be leaked via the uninitialized palette.
CVE-2016-10067 1 Imagemagick 1 Imagemagick 2025-04-20 5.0 MEDIUM 7.5 HIGH
magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving "too many exceptions," which trigger a buffer overflow.
CVE-2017-8351 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, the ReadPCDImage function in pcd.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-7943 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
CVE-2014-9822 1 Imagemagick 1 Imagemagick 2025-04-20 6.8 MEDIUM 7.8 HIGH
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file.
CVE-2015-8903 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.
CVE-2017-12664 1 Imagemagick 1 Imagemagick 2025-04-20 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage in coders/palm.c.
CVE-2014-9831 1 Imagemagick 1 Imagemagick 2025-04-20 6.8 MEDIUM 8.8 HIGH
coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file.
CVE-2016-7535 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file.
CVE-2014-9848 4 Canonical, Imagemagick, Opensuse and 1 more 10 Ubuntu Linux, Imagemagick, Leap and 7 more 2025-04-20 5.0 MEDIUM 7.5 HIGH
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
CVE-2016-10062 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVE-2017-12434 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service (assertion failure) in DestroyImageInfo in image.c.
CVE-2015-8895 1 Imagemagick 1 Imagemagick 2025-04-20 5.0 MEDIUM 7.5 HIGH
Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow.
CVE-2017-12564 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service.
CVE-2017-8830 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-12429 1 Imagemagick 1 Imagemagick 2025-04-20 7.8 HIGH 7.5 HIGH
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service.