Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imagemagick vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-3745
A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel() function in quantum-private.h. This issue may allow a local malicious user to trick the user into opening a specially crafted file, triggering an out-of-bounds read error and allowing an applicatio...
Imagemagick Imagemagick
1 Github repository
4.3
CVSSv2
CVE-2017-11447
The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick prior to 7.0.6-1 has memory leaks, causing denial of service.
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2017-11448
The ReadJPEGImage function in coders/jpeg.c in ImageMagick prior to 7.0.6-1 allows remote malicious users to obtain sensitive information from uninitialized memory locations via a crafted file.
Imagemagick Imagemagick
6.8
CVSSv2
CVE-2017-11449
coders/mpc.c in ImageMagick prior to 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2017-12876
Heap-based buffer overflow in enhance.c in ImageMagick prior to 7.0.6-6 allows remote malicious users to cause a denial of service via a crafted file.
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2017-13144
In ImageMagick prior to 6.9.7-10, there is a crash (rather than a "width or height exceeds limit" error report) if the image dimensions are too large, as demonstrated by use of the mpc coder.
Imagemagick Imagemagick
7.5
CVSSv2
CVE-2019-19952
In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage.
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2019-18853
ImageMagick prior to 7.0.9-0 allows remote malicious users to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2.
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2019-10714
LocaleLowercase in MagickCore/locale.c in ImageMagick prior to 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV.
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2021-4219
A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows an malicious user to crash the system.
Imagemagick Imagemagick
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »