Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Imagemagick Subscribe
Total 646 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-8898 1 Imagemagick 1 Imagemagick 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file.
CVE-2016-9298 1 Imagemagick 1 Imagemagick 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted image.
CVE-2017-5510 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2023-12-10 6.8 MEDIUM 7.8 HIGH
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
CVE-2016-10052 1 Imagemagick 1 Imagemagick 2023-12-10 6.8 MEDIUM 7.8 HIGH
Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-6491 2 Imagemagick, Oracle 2 Imagemagick, Solaris 2023-12-10 6.8 MEDIUM 8.8 HIGH
Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image.
CVE-2016-10252 1 Imagemagick 1 Imagemagick 2023-12-10 7.8 HIGH 7.5 HIGH
Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick before 6.9.2-2, as used in ODR-PadEnc and other products, allows attackers to trigger memory consumption.
CVE-2016-10054 1 Imagemagick 1 Imagemagick 2023-12-10 6.8 MEDIUM 7.8 HIGH
Buffer overflow in the WriteMAPImage function in coders/map.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2014-9915 1 Imagemagick 1 Imagemagick 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM profile.
CVE-2014-9824 1 Imagemagick 1 Imagemagick 2023-12-10 6.8 MEDIUM 7.8 HIGH
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825.
CVE-2016-5010 1 Imagemagick 1 Imagemagick 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file.
CVE-2016-9559 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.
CVE-2017-8355 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2016-7527 1 Imagemagick 1 Imagemagick 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVE-2014-9850 4 Canonical, Imagemagick, Opensuse and 1 more 8 Ubuntu Linux, Imagemagick, Opensuse and 5 more 2023-12-10 5.0 MEDIUM 7.5 HIGH
Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).
CVE-2014-9822 1 Imagemagick 1 Imagemagick 2023-12-10 6.8 MEDIUM 7.8 HIGH
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file.
CVE-2016-5687 2 Imagemagick, Oracle 2 Imagemagick, Solaris 2023-12-10 7.5 HIGH 9.8 CRITICAL
The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read.
CVE-2017-8765 1 Imagemagick 1 Imagemagick 2023-12-10 7.1 HIGH 6.5 MEDIUM
The function named ReadICONImage in coders\icon.c in ImageMagick 7.0.5-5 has a memory leak vulnerability which can cause memory exhaustion via a crafted ICON file.
CVE-2016-10049 1 Imagemagick 1 Imagemagick 2023-12-10 6.8 MEDIUM 7.8 HIGH
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
CVE-2014-9805 1 Imagemagick 1 Imagemagick 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file.
CVE-2016-10060 1 Imagemagick 1 Imagemagick 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.