Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imagemagick imagemagick vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-27756
In ParseMetaGeometry() of MagickCore/geometry.c, image height and width calculations can lead to divide-by-zero conditions which also lead to undefined behavior. This flaw can be triggered by a crafted input file processed by ImageMagick and could impact application availability....
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2015-8901
ImageMagick 6.x prior to 6.9.0-5 Beta allows remote malicious users to cause a denial of service (infinite loop) via a crafted MIFF file.
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2015-8903
The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x prior to 6.9.0-5 Beta allows remote malicious users to cause a denial of service (infinite loop) via a crafted VICAR file.
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2017-13144
In ImageMagick prior to 6.9.7-10, there is a crash (rather than a "width or height exceeds limit" error report) if the image dimensions are too large, as demonstrated by use of the mpc coder.
Imagemagick Imagemagick
6.8
CVSSv2
CVE-2019-17541
ImageMagick prior to 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
Imagemagick Imagemagick
1 Github repository
2.1
CVSSv2
CVE-2014-8716
The JPEG decoder in ImageMagick prior to 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).
Imagemagick Imagemagick
5.8
CVSSv2
CVE-2020-13902
ImageMagick 7.0.9-27 up to and including 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding.
Imagemagick Imagemagick
7.5
CVSSv2
CVE-2016-5239
The gnuplot delegate functionality in ImageMagick prior to 6.9.4-0 and GraphicsMagick allows remote malicious users to execute arbitrary commands via unspecified vectors.
Imagemagick Imagemagick
7.5
CVSSv2
CVE-2018-16329
In ImageMagick prior to 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2021-4219
A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows an malicious user to crash the system.
Imagemagick Imagemagick
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »