Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imagemagick vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-3745
A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel() function in quantum-private.h. This issue may allow a local malicious user to trick the user into opening a specially crafted file, triggering an out-of-bounds read error and allowing an applicatio...
Imagemagick Imagemagick
1 Github repository
4.3
CVSSv3
CVE-2023-3247
In PHP versions 8.0.* prior to 8.0.29, 8.1.* prior to 8.1.20, 8.2.* prior to 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it c...
Php Php
5.5
CVSSv3
CVE-2023-3195
A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an malicious user to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of service.
Imagemagick Imagemagick
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
5.5
CVSSv3
CVE-2023-34474
A heap-based buffer overflow issue exists in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker could trick the user in opening specially crafted file, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial ...
Imagemagick Imagemagick
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
5.5
CVSSv3
CVE-2023-34475
A heap use after free issue exists in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could trick user to open a specially crafted file to convert, triggering an heap-use-after-free write error, allowing an application to crash, resulting in a d...
Imagemagick Imagemagick
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
5.5
CVSSv3
CVE-2023-2157
A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the application crashing.
Imagemagick Imagemagick
7.8
CVSSv3
CVE-2023-34153
A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding.
Imagemagick Imagemagick
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
5.5
CVSSv3
CVE-2023-34151
A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546).
Imagemagick Imagemagick
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
9.8
CVSSv3
CVE-2023-34152
A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured.
Imagemagick Imagemagick
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
1 Github repository
5.5
CVSSv3
CVE-2023-1906
A heap-based buffer overflow issue exists in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a...
Imagemagick Imagemagick 7.1.1-4
Imagemagick Imagemagick
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 37
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »