Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imagemagick vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-3962
A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes. This flaw allows an malicious user to create a specially crafted image that leads to a use-after-free vulnerability when processed by ImageMagick. The hig...
Imagemagick Imagemagick 7.1.0-14
3.6
CVSSv3
CVE-2021-39212
ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases, Postscript files could be read and written when spec...
Imagemagick Imagemagick
NA
CVE-2021-34183
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
9.8
CVSSv3
CVE-2021-33564
An argument injection vulnerability in the Dragonfly gem prior to 1.4.0 for Ruby allows remote malicious users to read and write to arbitrary files via a crafted URL when the verify_url option is disabled. This may lead to code execution. The problem occurs because the generate a...
Dragonfly Project Dragonfly
2 Github repositories
3.3
CVSSv3
CVE-2020-27769
In ImageMagick versions prior to 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c.
Imagemagick Imagemagick
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 5.0
Fedoraproject Fedora 33
7.5
CVSSv3
CVE-2021-20309
A flaw was found in ImageMagick in versions prior to 7.0.11 and prior to 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from t...
Imagemagick Imagemagick
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2021-20313
A flaw was found in ImageMagick in versions prior to 7.0.11. A potential cipher leak when the calculate signatures in TransformSignature is possible. The highest threat from this vulnerability is to data confidentiality.
Imagemagick Imagemagick
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2021-20310
A flaw was found in ImageMagick in versions prior to 7.0.11, where a division by zero ConvertXYZToJzazbz() of MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The hi...
7.5
CVSSv3
CVE-2021-20311
A flaw was found in ImageMagick in versions prior to 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. The...
7.5
CVSSv3
CVE-2021-20312
A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threa...
Imagemagick Imagemagick
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »