Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imagemagick vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-11448
The ReadJPEGImage function in coders/jpeg.c in ImageMagick prior to 7.0.6-1 allows remote malicious users to obtain sensitive information from uninitialized memory locations via a crafted file.
Imagemagick Imagemagick
6.8
CVSSv2
CVE-2017-11449
coders/mpc.c in ImageMagick prior to 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2014-8562
DCM decode in ImageMagick prior to 6.8.9-9 allows remote malicious users to cause a denial of service (out-of-bounds read).
Imagemagick Imagemagick
6.8
CVSSv2
CVE-2019-17547
In ImageMagick prior to 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free.
Imagemagick Imagemagick
7.5
CVSSv2
CVE-2016-10145
Off-by-one error in coders/wpg.c in ImageMagick allows remote malicious users to have unspecified impact via vectors related to a string copy.
Imagemagick Imagemagick
7.8
CVSSv2
CVE-2016-10146
Multiple memory leaks in the caption and label handling code in ImageMagick allow remote malicious users to cause a denial of service (memory consumption) via unspecified vectors.
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2014-9815
ImageMagick allows remote malicious users to cause a denial of service (application crash) via a crafted wpg file.
Imagemagick Imagemagick -
4.3
CVSSv2
CVE-2015-8900
The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote malicious users to cause a denial of service (infinite loop) via a crafted HDR file.
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2015-8901
ImageMagick 6.x prior to 6.9.0-5 Beta allows remote malicious users to cause a denial of service (infinite loop) via a crafted MIFF file.
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2015-8902
The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x prior to 6.9.0-5 Beta allows remote malicious users to cause a denial of service (infinite loop) via a crafted PDB file.
Imagemagick Imagemagick
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »