Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imagemagick imagemagick - vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2022-24720
image_processing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the `#apply` method from image_processing to apply a series of operations that are coming from unsanitized user input allows the malicious user to execute sh...
Image Processing Project Image Processing
Debian Debian Linux 11.0
890
VMScore
CVE-2004-0981
Buffer overflow in the EXIF parsing routine in ImageMagick prior to 6.1.0 allows remote malicious users to execute arbitrary code via a certain image file.
Imagemagick Imagemagick 5.4.8
Imagemagick Imagemagick 5.4.8.2.1.1.0
Imagemagick Imagemagick 6.0.4
Imagemagick Imagemagick 6.0.5
Imagemagick Imagemagick 5.3.3
Imagemagick Imagemagick 5.4.3
Imagemagick Imagemagick 5.5.7
Imagemagick Imagemagick 6.0
Imagemagick Imagemagick 5.5.3.2.1.2.0
Imagemagick Imagemagick 5.5.6.0 2003-04-09
Imagemagick Imagemagick 6.0.6
Imagemagick Imagemagick 6.0.7
Imagemagick Imagemagick 6.0.8
Imagemagick Imagemagick 5.4.4.5
Imagemagick Imagemagick 5.4.7
Imagemagick Imagemagick 6.0.1
Imagemagick Imagemagick 6.0.3
Debian Debian Linux 3.0
Gentoo Linux
Suse Suse Linux 8.0
Suse Suse Linux 9.0
Suse Suse Linux 8.1
828
VMScore
CVE-2019-11832
TYPO3 8.x prior to 8.7.25 and 9.x prior to 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by ImageMagick or GraphicsMagick.
Typo3 Typo3
828
VMScore
CVE-2016-10571
bkjs-wand is imagemagick wand support for node.js and backendjs bkjs-wand versions lower than 0.3.2 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with a...
Bkjs-wand Project Bkjs-wand
828
VMScore
CVE-2009-1882
Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow. NOTE: some...
Imagemagick Imagemagick 6.5.2-8
828
VMScore
CVE-2007-4987
Off-by-one error in the ReadBlobString function in blob.c in ImageMagick prior to 6.3.5-9 allows context-dependent malicious users to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address.
Imagemagick Imagemagick 5.4.7
Imagemagick Imagemagick 5.4.8
Imagemagick Imagemagick 6.0
Imagemagick Imagemagick 6.0.1
Imagemagick Imagemagick 6.0.6
Imagemagick Imagemagick 6.0.6.2
Imagemagick Imagemagick 6.1.4
Imagemagick Imagemagick 6.1.5
Imagemagick Imagemagick 6.1.6
Imagemagick Imagemagick 6.2.2
Imagemagick Imagemagick 6.2.3
Imagemagick Imagemagick 6.2.7
Imagemagick Imagemagick 6.2.8
Imagemagick Imagemagick 6.3.3 6
Imagemagick Imagemagick 6.3.4
Imagemagick Imagemagick 5.3.8
Imagemagick Imagemagick 5.4.2.3
Imagemagick Imagemagick 5.5.6
Imagemagick Imagemagick 5.5.6.0 20030409
Imagemagick Imagemagick 6.0.3
Imagemagick Imagemagick 6.0.4
Imagemagick Imagemagick 6.1
828
VMScore
CVE-2007-1667
Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 prior to 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote malicious users to cause a denial of service (crash) or obtain sensitive information via crafted i...
X.org Libx11
Imagemagick Imagemagick
828
VMScore
CVE-2007-0770
Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote malicious users to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: this issue is due to ...
Graphicsmagick Graphicsmagick
Imagemagick Imagemagick 6.3.3.4
828
VMScore
CVE-2006-5868
Multiple buffer overflows in Imagemagick 6.0 prior to 6.0.6.2, and 6.2 prior to 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.
Imagemagick Imagemagick
Debian Debian Linux 4.0
Debian Debian Linux 3.1
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 5.10
801
VMScore
CVE-2019-10048
The ImageMagick plugin that is installed by default in Pydio up to and including 8.2.2 does not perform the appropriate validation and sanitization of user supplied input in the plugin's configuration options, allowing arbitrary shell commands to be entered that result in co...
Pydio Pydio
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »