Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Imagemagick Subscribe
Filtered by product Imagemagick
Total 629 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-0760 1 Imagemagick 1 Imagemagick 2017-10-10 5.0 MEDIUM N/A
The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file.
CVE-2005-0759 2 Imagemagick, Sgi 2 Imagemagick, Propack 2017-10-10 5.0 MEDIUM N/A
ImageMagick before 6.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image with an invalid tag.
CVE-2005-0762 1 Imagemagick 1 Imagemagick 2017-10-10 7.5 HIGH N/A
Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows remote attackers to execute arbitrary code via a crafted SGI image file.
CVE-2005-0761 2 Imagemagick, Sgi 2 Imagemagick, Propack 2017-10-10 5.0 MEDIUM N/A
Unknown vulnerability in ImageMagick before 6.1.8 allows remote attackers to cause a denial of service (application crash) via a crafted PSD file.
CVE-2005-0397 1 Imagemagick 1 Imagemagick 2017-10-10 7.5 HIGH N/A
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by other web applications.
CVE-2004-0817 9 Conectiva, Enlightenment, Imagemagick and 6 more 16 Linux, Imlib, Imlib2 and 13 more 2017-10-10 7.5 HIGH N/A
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
CVE-2004-0827 9 Conectiva, Enlightenment, Imagemagick and 6 more 14 Linux, Imlib, Imlib2 and 11 more 2017-10-10 7.5 HIGH N/A
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
CVE-2004-0981 4 Debian, Gentoo, Imagemagick and 1 more 4 Debian Linux, Linux, Imagemagick and 1 more 2017-10-10 10.0 HIGH N/A
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.
CVE-2005-0005 6 Debian, Gentoo, Graphicsmagick and 3 more 6 Debian Linux, Linux, Graphicsmagick and 3 more 2017-10-10 7.5 HIGH N/A
Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.
CVE-2008-1097 1 Imagemagick 2 Graphicsmagick, Imagemagick 2017-09-28 6.8 MEDIUM N/A
Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption.
CVE-2008-1096 1 Imagemagick 2 Graphicsmagick, Imagemagick 2017-09-28 6.8 MEDIUM N/A
The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly related to the ScaleCharToQuantum function.
CVE-2012-3437 1 Imagemagick 1 Imagemagick 2017-08-28 4.3 MEDIUM N/A
The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.
CVE-2014-9830 1 Imagemagick 1 Imagemagick 2017-08-08 6.8 MEDIUM 8.8 HIGH
coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file.
CVE-2014-9831 1 Imagemagick 1 Imagemagick 2017-08-08 6.8 MEDIUM 8.8 HIGH
coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file.
CVE-2014-9827 1 Imagemagick 1 Imagemagick 2017-08-08 6.8 MEDIUM 8.8 HIGH
coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.
CVE-2014-9828 1 Imagemagick 1 Imagemagick 2017-08-08 6.8 MEDIUM 8.8 HIGH
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file.
CVE-2017-11753 1 Imagemagick 1 Imagemagick 2017-08-02 4.3 MEDIUM 6.5 MEDIUM
The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted Flexible Image Transport System (FITS) file.
CVE-2017-11750 1 Imagemagick 1 Imagemagick 2017-08-02 4.3 MEDIUM 6.5 MEDIUM
The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and 7.0.6-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVE-2017-11530 1 Imagemagick 1 Imagemagick 2017-07-28 7.1 HIGH 6.5 MEDIUM
The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
CVE-2017-11527 1 Imagemagick 1 Imagemagick 2017-07-28 7.1 HIGH 6.5 MEDIUM
The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.