Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imagemagick imagemagick 6.0 vulnerabilities and exploits
(subscribe to this query)
3.3
CVSSv3
CVE-2020-27774
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of a too large shift for 64-bit type `ssize_t`. This would most likely lead to an impact to application ...
Imagemagick Imagemagick
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5.0
Debian Debian Linux 9.0
3.3
CVSSv3
CVE-2020-27775
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application...
Imagemagick Imagemagick
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5.0
Debian Debian Linux 9.0
3.3
CVSSv3
CVE-2020-27776
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long. This would most likely lead to an impact to applicati...
Imagemagick Imagemagick
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5.0
3.3
CVSSv3
CVE-2020-27767
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types `float` and `unsigned char`. This would most likely lead to an impact...
Imagemagick Imagemagick
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5.0
Debian Debian Linux 9.0
3.3
CVSSv3
CVE-2020-27771
In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type. The patch casts the return value of GetPixelIndex() to ssize_t type to avoid this bug. This undefin...
Imagemagick Imagemagick
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5.0
Debian Debian Linux 9.0
3.3
CVSSv3
CVE-2020-27765
A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could ...
Imagemagick Imagemagick
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5.0
Debian Debian Linux 9.0
NA
CVE-2007-4985
ImageMagick prior to 6.3.5-9 allows context-dependent malicious users to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage functio...
Imagemagick Imagemagick 5.4.2.3
Imagemagick Imagemagick 5.4.3
Imagemagick Imagemagick 5.5.6.0 20030409
Imagemagick Imagemagick 5.5.7
Imagemagick Imagemagick 6.0.4
Imagemagick Imagemagick 6.0.4.4
Imagemagick Imagemagick 6.1.1
Imagemagick Imagemagick 6.1.2
Imagemagick Imagemagick 6.2.0.3
Imagemagick Imagemagick 6.2.0.7
Imagemagick Imagemagick 5.4.4.5
Imagemagick Imagemagick 5.4.7
Imagemagick Imagemagick 5.5.7.15
Imagemagick Imagemagick 6.0
Imagemagick Imagemagick 6.0.5
Imagemagick Imagemagick 6.0.6
Imagemagick Imagemagick 6.1.3
Imagemagick Imagemagick 6.1.4
Imagemagick Imagemagick 6.1.5
Imagemagick Imagemagick 6.2.1
Imagemagick Imagemagick 6.2.2
Imagemagick Imagemagick 6.2.6
NA
CVE-2007-4986
Multiple integer overflows in ImageMagick prior to 6.3.5-9 allow context-dependent malicious users to execute arbitrary code via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5) .xwd image file, which triggers a heap-based buffer overflow.
Imagemagick Imagemagick 5.4.7
Imagemagick Imagemagick 5.4.8
Imagemagick Imagemagick 5.5.7.15
Imagemagick Imagemagick 6.0
Imagemagick Imagemagick 6.0.6
Imagemagick Imagemagick 6.0.6.2
Imagemagick Imagemagick 6.1.4
Imagemagick Imagemagick 6.1.5
Imagemagick Imagemagick 6.2.1
Imagemagick Imagemagick 6.2.2
Imagemagick Imagemagick 6.2.7
Imagemagick Imagemagick 6.2.8
Imagemagick Imagemagick 6.3.3 6
Imagemagick Imagemagick 6.3.4
Imagemagick Imagemagick 5.3.8
Imagemagick Imagemagick 5.4.2.3
Imagemagick Imagemagick 5.5.4
Imagemagick Imagemagick 5.5.6
Imagemagick Imagemagick 6.0.2.5
Imagemagick Imagemagick 6.0.3
Imagemagick Imagemagick 6.1
Imagemagick Imagemagick 6.1.1
NA
CVE-2007-4987
Off-by-one error in the ReadBlobString function in blob.c in ImageMagick prior to 6.3.5-9 allows context-dependent malicious users to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address.
Imagemagick Imagemagick 5.4.7
Imagemagick Imagemagick 5.4.8
Imagemagick Imagemagick 6.0
Imagemagick Imagemagick 6.0.1
Imagemagick Imagemagick 6.0.6
Imagemagick Imagemagick 6.0.6.2
Imagemagick Imagemagick 6.1.4
Imagemagick Imagemagick 6.1.5
Imagemagick Imagemagick 6.1.6
Imagemagick Imagemagick 6.2.2
Imagemagick Imagemagick 6.2.3
Imagemagick Imagemagick 6.2.7
Imagemagick Imagemagick 6.2.8
Imagemagick Imagemagick 6.3.3 6
Imagemagick Imagemagick 6.3.4
Imagemagick Imagemagick 5.3.8
Imagemagick Imagemagick 5.4.2.3
Imagemagick Imagemagick 5.5.6
Imagemagick Imagemagick 5.5.6.0 20030409
Imagemagick Imagemagick 6.0.3
Imagemagick Imagemagick 6.0.4
Imagemagick Imagemagick 6.1
NA
CVE-2006-5868
Multiple buffer overflows in Imagemagick 6.0 prior to 6.0.6.2, and 6.2 prior to 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.
Imagemagick Imagemagick
Debian Debian Linux 4.0
Debian Debian Linux 3.1
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 5.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »