Filtered by vendor Imagemagick
Subscriptions
Filtered by product Imagemagick
Subscriptions
Total
645 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2004-0827 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 14 Linux, Imlib, Imlib2 and 11 more | 2025-04-03 | N/A |
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. | ||||
CVE-2004-0802 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 16 Linux, Imlib, Imlib2 and 13 more | 2025-04-03 | N/A |
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. | ||||
CVE-2005-0762 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2025-04-03 | N/A |
Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows remote attackers to execute arbitrary code via a crafted SGI image file. | ||||
CVE-2006-3744 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2025-04-03 | N/A |
Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows. | ||||
CVE-2005-4601 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2025-04-03 | N/A |
The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command. | ||||
CVE-2005-0760 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2025-04-03 | N/A |
The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file. | ||||
CVE-2004-0981 | 5 Debian, Gentoo, Imagemagick and 2 more | 5 Debian Linux, Linux, Imagemagick and 2 more | 2025-04-03 | N/A |
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file. | ||||
CVE-2004-0817 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 16 Linux, Imlib, Imlib2 and 13 more | 2025-04-03 | N/A |
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. | ||||
CVE-2005-0759 | 3 Imagemagick, Redhat, Sgi | 3 Imagemagick, Enterprise Linux, Propack | 2025-04-03 | N/A |
ImageMagick before 6.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image with an invalid tag. | ||||
CVE-2006-0082 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2025-04-03 | N/A |
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program. | ||||
CVE-2005-0761 | 3 Imagemagick, Redhat, Sgi | 3 Imagemagick, Enterprise Linux, Propack | 2025-04-03 | N/A |
Unknown vulnerability in ImageMagick before 6.1.8 allows remote attackers to cause a denial of service (application crash) via a crafted PSD file. | ||||
CVE-2016-3718 | 6 Canonical, Imagemagick, Opensuse and 3 more | 31 Ubuntu Linux, Imagemagick, Leap and 28 more | 2025-04-02 | 5.5 Medium |
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image. | ||||
CVE-2016-3715 | 6 Canonical, Imagemagick, Opensuse and 3 more | 31 Ubuntu Linux, Imagemagick, Leap and 28 more | 2025-04-02 | 5.5 Medium |
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image. | ||||
CVE-2022-44268 | 1 Imagemagick | 1 Imagemagick | 2025-03-26 | 6.5 Medium |
ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it). | ||||
CVE-2022-44267 | 1 Imagemagick | 1 Imagemagick | 2025-03-26 | 6.5 Medium |
ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input. | ||||
CVE-2019-13454 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2025-03-04 | 6.5 Medium |
ImageMagick 7.0.1-0 to 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c. | ||||
CVE-2023-1906 | 2 Fedoraproject, Imagemagick | 3 Extra Packages For Enterprise Linux, Fedora, Imagemagick | 2025-02-10 | 5.5 Medium |
A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service. | ||||
CVE-2023-3745 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2025-02-07 | 5.5 Medium |
A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel() function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file, triggering an out-of-bounds read error and allowing an application to crash, resulting in a denial of service. | ||||
CVE-2023-5341 | 3 Fedoraproject, Imagemagick, Redhat | 4 Extra Packages For Enterprise Linux, Fedora, Imagemagick and 1 more | 2025-02-07 | 6.2 Medium |
A heap use-after-free flaw was found in coders/bmp.c in ImageMagick. | ||||
CVE-2023-3428 | 3 Fedoraproject, Imagemagick, Redhat | 4 Extra Packages For Enterprise Linux, Fedora, Imagemagick and 1 more | 2025-02-07 | 6.2 Medium |
A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service. |