Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imagemagick imagemagick vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2021-20311
A flaw was found in ImageMagick in versions prior to 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. The...
Imagemagick Imagemagick
7.8
CVSSv2
CVE-2016-10252
Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick prior to 6.9.2-2, as used in ODR-PadEnc and other products, allows malicious users to trigger memory consumption.
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2020-25663
A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed() or GetPixelBlue() was called. This could occur if an attacker is able to submit a malicious image fi...
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2020-25667
TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"image/dng\"` within `profile` due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a Strin...
Imagemagick Imagemagick
7.5
CVSSv2
CVE-2018-16329
In ImageMagick prior to 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.
Imagemagick Imagemagick
5.8
CVSSv2
CVE-2020-27752
A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an im...
Imagemagick Imagemagick
7.5
CVSSv2
CVE-2017-5511
coders/psd.c in ImageMagick allows remote malicious users to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.
Imagemagick Imagemagick
NA
CVE-2023-2157
A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the application crashing.
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2020-27753
There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file. These leaks could potentially lead to an impact to application availability or cause a denial of service. It was origin...
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2020-27755
in SetImageExtent() of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size. The patch resets the depth to a proper size before throwi...
Imagemagick Imagemagick
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »