Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imagemagick vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2005-0397
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick prior to 6.0.2.5 may allow remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filename argument to conver...
Imagemagick Imagemagick 5.5
Imagemagick Imagemagick 5.2
Imagemagick Imagemagick 5.3
Imagemagick Imagemagick 5.4
668
VMScore
CVE-2005-0762
Heap-based buffer overflow in the SGI parser in ImageMagick prior to 6.0 allows remote malicious users to execute arbitrary code via a crafted SGI image file.
Imagemagick Imagemagick 5.4.7
Imagemagick Imagemagick 5.4.8
Imagemagick Imagemagick 6.0
Imagemagick Imagemagick 6.0.1
Imagemagick Imagemagick 5.4.8.2.1.1.0
Imagemagick Imagemagick 5.5.3.2.1.2.0
Imagemagick Imagemagick 5.4.3
Imagemagick Imagemagick 5.4.4.5
Imagemagick Imagemagick 5.5.6.0 2003-04-09
Imagemagick Imagemagick 5.5.7
Imagemagick Imagemagick 5.3.3
Imagemagick Imagemagick 5.3.8
Imagemagick Imagemagick 5.5.4
Imagemagick Imagemagick 5.5.6
668
VMScore
CVE-2005-0005
Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote malicious users to execute arbitrary code via a .PSD image file with a large number of layers.
Graphicsmagick Graphicsmagick 1.1.3
Graphicsmagick Graphicsmagick 1.1.4
Imagemagick Imagemagick 6.0.2.5
Imagemagick Imagemagick 6.0.3
Imagemagick Imagemagick 6.1.1.6
Imagemagick Imagemagick 6.1.2
Imagemagick Imagemagick 6.2.0.7
Sgi Propack 3.0
Graphicsmagick Graphicsmagick 1.0.6
Graphicsmagick Graphicsmagick 1.1
Imagemagick Imagemagick 6.0.1
Imagemagick Imagemagick 6.0.2
Imagemagick Imagemagick 6.0.8
Imagemagick Imagemagick 6.1
Imagemagick Imagemagick 6.2
Imagemagick Imagemagick 6.2.0.4
Graphicsmagick Graphicsmagick 1.0
Imagemagick Imagemagick 5.4.7
Imagemagick Imagemagick 6.0
Imagemagick Imagemagick 6.0.6
Imagemagick Imagemagick 6.0.7
Imagemagick Imagemagick 6.1.6
668
VMScore
CVE-2004-0817
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote malicious users to execute arbitrary code via a crafted BMP file.
Enlightenment Imlib 1.9
Enlightenment Imlib 1.9.2
Enlightenment Imlib 1.9.3
Enlightenment Imlib2 1.0
Enlightenment Imlib2 1.0.1
Imagemagick Imagemagick 5.4.3
Imagemagick Imagemagick 5.4.4.5
Imagemagick Imagemagick 6.0.2
Sun Java Desktop System 2.0
Enlightenment Imlib 1.9.1
Enlightenment Imlib 1.9.10
Enlightenment Imlib 1.9.4
Enlightenment Imlib 1.9.5
Enlightenment Imlib2 1.0.2
Enlightenment Imlib2 1.0.3
Imagemagick Imagemagick 5.4.7
Imagemagick Imagemagick 5.4.8
Sun Java Desktop System 2003
Conectiva Linux 10.0
Enlightenment Imlib 1.9.11
Enlightenment Imlib 1.9.12
Enlightenment Imlib 1.9.6
668
VMScore
CVE-2004-0827
Multiple buffer overflows in the ImageMagick graphics library 5.x prior to 5.4.4, and 6.x prior to 6.0.6.2, allow remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
Enlightenment Imlib 1.9.11
Enlightenment Imlib 1.9.12
Enlightenment Imlib 1.9.6
Enlightenment Imlib 1.9.7
Enlightenment Imlib2 1.0.4
Enlightenment Imlib2 1.0.5
Enlightenment Imlib2 1.1
Imagemagick Imagemagick 5.4.8.2.1.1.0
Imagemagick Imagemagick 5.5.3.2.1.2.0
Conectiva Linux 9.0
Enlightenment Imlib 1.9.1
Enlightenment Imlib 1.9.10
Enlightenment Imlib 1.9.4
Enlightenment Imlib 1.9.5
Enlightenment Imlib2 1.0.2
Enlightenment Imlib2 1.0.3
Imagemagick Imagemagick 5.4.7
Imagemagick Imagemagick 5.4.8
Sun Java Desktop System 2003
Conectiva Linux 10.0
Enlightenment Imlib 1.9.13
Enlightenment Imlib 1.9.14
668
VMScore
CVE-2003-0555
ImageMagick 5.4.3.x and previous versions allows malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a "%x" filename, possibly triggering a format string vulnerability.
Imagemagick Imagemagick 5.4.3
641
VMScore
CVE-2005-3582
ImageMagick prior to 6.2.4.2-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime.
Imagemagick Imagemagick 5.3.1
Imagemagick Imagemagick 5.3.2
Imagemagick Imagemagick 5.3.9
Imagemagick Imagemagick 4.2.9
Imagemagick Imagemagick 5.2.0
Imagemagick Imagemagick 5.3.5
Imagemagick Imagemagick 5.3.6
Imagemagick Imagemagick 5.4.3.11
Imagemagick Imagemagick 5.4.4.5
Imagemagick Imagemagick 5.5.3.2
Imagemagick Imagemagick 5.5.4.4
Imagemagick Imagemagick 6.0
Imagemagick Imagemagick 6.0.0.7
Imagemagick Imagemagick 6.0.7.3
Imagemagick Imagemagick 6.0.8.3
Imagemagick Imagemagick 6.1.7.5
Imagemagick Imagemagick 6.1.8.7
Imagemagick Imagemagick 4.2.7
Imagemagick Imagemagick 5.3.3
Imagemagick Imagemagick 5.3.4
Imagemagick Imagemagick 5.4.1.2
Imagemagick Imagemagick 5.4.2.3
633
VMScore
CVE-2017-14174
In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing da...
Imagemagick Imagemagick 7.0.7-0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
2 Github repositories
632
VMScore
CVE-2021-20245
A flaw was found in ImageMagick in coders/webp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.
Imagemagick Imagemagick
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
Debian Debian Linux 9.0
632
VMScore
CVE-2021-20246
A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.
Imagemagick Imagemagick
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
Debian Debian Linux 9.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »