Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Imagemagick Subscribe
Filtered by product Imagemagick
Total 629 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-17540 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2021-04-20 6.8 MEDIUM 8.8 HIGH
ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.
CVE-2017-11450 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2021-04-20 6.8 MEDIUM 8.8 HIGH
coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.
CVE-2016-6520 1 Imagemagick 1 Imagemagick 2021-04-13 6.4 MEDIUM 9.1 CRITICAL
Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to have unspecified impact via vectors related to pixel cache morphology.
CVE-2020-27829 1 Imagemagick 1 Imagemagick 2021-03-29 4.3 MEDIUM 5.5 MEDIUM
A heap based buffer overflow in coders/tiff.c may result in program crash and denial of service in ImageMagick before 7.0.10-45.
CVE-2021-20246 4 Debian, Fedoraproject, Imagemagick and 1 more 4 Debian Linux, Fedora, Imagemagick and 1 more 2021-03-25 7.1 HIGH 5.5 MEDIUM
A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.
CVE-2021-20244 4 Debian, Fedoraproject, Imagemagick and 1 more 4 Debian Linux, Fedora, Imagemagick and 1 more 2021-03-25 7.1 HIGH 5.5 MEDIUM
A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.
CVE-2021-20241 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2021-03-25 4.3 MEDIUM 5.5 MEDIUM
A flaw was found in ImageMagick in coders/jp2.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.
CVE-2017-14528 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2021-03-04 4.3 MEDIUM 6.5 MEDIUM
The TIFFSetProfiles function in coders/tiff.c in ImageMagick 7.0.6 has incorrect expectations about whether LibTIFF TIFFGetField return values imply that data validation has occurred, which allows remote attackers to cause a denial of service (use-after-free after an invalid call to TIFFSetField, and application crash) via a crafted file.
CVE-2016-10049 1 Imagemagick 1 Imagemagick 2020-11-16 6.8 MEDIUM 7.8 HIGH
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
CVE-2015-8959 1 Imagemagick 1 Imagemagick 2020-11-16 7.1 HIGH 6.5 MEDIUM
coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.
CVE-2016-10050 2 Imagemagick, Opensuse 2 Imagemagick, Leap 2020-11-16 6.8 MEDIUM 7.8 HIGH
Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
CVE-2016-10052 1 Imagemagick 1 Imagemagick 2020-11-16 6.8 MEDIUM 7.8 HIGH
Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10051 2 Imagemagick, Opensuse 2 Imagemagick, Leap 2020-11-16 6.8 MEDIUM 7.8 HIGH
Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10053 1 Imagemagick 1 Imagemagick 2020-11-16 4.3 MEDIUM 5.5 MEDIUM
The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.
CVE-2016-10054 1 Imagemagick 1 Imagemagick 2020-11-16 6.8 MEDIUM 7.8 HIGH
Buffer overflow in the WriteMAPImage function in coders/map.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10055 1 Imagemagick 1 Imagemagick 2020-11-16 6.8 MEDIUM 7.8 HIGH
Buffer overflow in the WritePDBImage function in coders/pdb.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10056 1 Imagemagick 1 Imagemagick 2020-11-16 6.8 MEDIUM 7.8 HIGH
Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10057 1 Imagemagick 1 Imagemagick 2020-11-16 6.8 MEDIUM 7.8 HIGH
Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10058 1 Imagemagick 1 Imagemagick 2020-11-16 7.1 HIGH 5.5 MEDIUM
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file.
CVE-2016-10063 1 Imagemagick 1 Imagemagick 2020-11-16 6.8 MEDIUM 7.8 HIGH
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file, related to extend validity.