Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imagemagick vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-1289
A vulnerability exists in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote malicious user to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp,"...
Imagemagick Imagemagick
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Extra Packages For Enterprise Linux 9.0
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
8.8
CVSSv3
CVE-2022-3568
The ImageMagick Engine plugin for WordPress is vulnerable to deserialization of untrusted input via the 'cli_path' parameter in versions up to, and including 1.7.5. This makes it possible for unauthenticated users to call files using a PHAR wrapper, granted they can tri...
Orangelab Imagemagick Engine
6.5
CVSSv3
CVE-2022-44267
ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input.
Imagemagick Imagemagick 7.1.0-49
3 Github repositories
6.5
CVSSv3
CVE-2022-44268
ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it).
Imagemagick Imagemagick 7.1.0-49
29 Github repositories
5.5
CVSSv3
CVE-2022-3213
A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service.
Imagemagick Imagemagick
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 35
Fedoraproject Extra Packages For Enterprise Linux 9.0
Fedoraproject Fedora 36
Fedoraproject Fedora 37
7.1
CVSSv3
CVE-2022-0284
A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format (TIFF) image to convert it into a PICON file format. T...
Imagemagick Imagemagick
5.5
CVSSv3
CVE-2022-1115
A heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-private.h file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion, potentially leading to a denial of service.
Imagemagick Imagemagick
3.3
CVSSv3
CVE-2021-3574
A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks.
Imagemagick Imagemagick 7.0.11-5
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
5.5
CVSSv3
CVE-2021-20224
An integer overflow issue exists in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes a crafted...
Imagemagick Imagemagick
5.5
CVSSv3
CVE-2022-2719
In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This was fixed in upstream ImageMagick version 7.1.0-30.
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 36
Imagemagick Imagemagick
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »