Imagemagick CVEs and Security Vulnerabilities

Filtered by vendor Imagemagick Subscriptions

Search

Switch to Advanced Search (Beta)

Total 665 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2017-8354	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-5, the ReadBMPImage function in bmp.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-8355	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-8357	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-5, the ReadEPTImage function in ept.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9141	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	6.5 Medium
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c.
CVE-2017-9142	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	6.5 Medium
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c.
CVE-2017-9143	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	6.5 Medium
In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file.
CVE-2017-9499	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-9501	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file.
CVE-2014-9844	5 Canonical, Imagemagick, Opensuse and 2 more	10 Ubuntu Linux, Imagemagick, Opensuse and 7 more	2025-04-20	N/A
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
CVE-2017-12563	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in the function ReadPSDImage in coders/psd.c, which allows attackers to cause a denial of service.
CVE-2017-11752	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadMAGICKImage function in coders/magick.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-11532	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c.
CVE-2017-11639	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c, related to the GetPixelLuma function in MagickCore/pixel-accessor.h.
CVE-2017-13139	3 Canonical, Debian, Imagemagick	3 Ubuntu Linux, Debian Linux, Imagemagick	2025-04-20	9.8 Critical
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
CVE-2017-15015	2 Canonical, Imagemagick	2 Ubuntu Linux, Imagemagick	2025-04-20	N/A
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c.
CVE-2016-7530	1 Imagemagick	1 Imagemagick	2025-04-20	6.5 Medium
The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file.
CVE-2017-14739	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors.
CVE-2017-14684	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows attackers to cause a denial of service (memory consumption in ResizeMagickMemory in MagickCore/memory.c) via a crafted file.
CVE-2017-14626	2 Canonical, Imagemagick	2 Ubuntu Linux, Imagemagick	2025-04-20	N/A
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.
CVE-2017-14625	2 Canonical, Imagemagick	2 Ubuntu Linux, Imagemagick	2025-04-20	N/A
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c.

« first previous Page 19 of 34. next last »