Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imagemagick vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-12600
In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow malicious users to cause an out of bounds write via a crafted file.
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Imagemagick Imagemagick 7.0.8-3
8.8
CVSSv3
CVE-2018-11624
In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c allows malicious users to cause a use after free via a crafted file.
Imagemagick Imagemagick 7.0.7-36
8.8
CVSSv3
CVE-2018-11625
In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows malicious users to cause a heap-based buffer over-read via a crafted file.
Imagemagick Imagemagick 7.0.7-37
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
8.8
CVSSv3
CVE-2018-9135
In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c.
Imagemagick Imagemagick 7.0.7-24
8.8
CVSSv3
CVE-2018-8960
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read.
Imagemagick Imagemagick 7.0.7-26
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
8.8
CVSSv3
CVE-2018-8804
WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote malicious users to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.
Imagemagick Imagemagick 7.0.7-25q16
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
8.8
CVSSv3
CVE-2017-18209
In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.
Imagemagick Imagemagick 7.0.7-4
Imagemagick Imagemagick 7.0.7-6
Imagemagick Imagemagick 7.0.7-14
Imagemagick Imagemagick 7.0.7-16
Imagemagick Imagemagick 7.0.7-21
Imagemagick Imagemagick 7.0.7-23
Imagemagick Imagemagick 7.0.7-0
Imagemagick Imagemagick 7.0.7-1
Imagemagick Imagemagick 7.0.7-2
Imagemagick Imagemagick 7.0.7-17
Imagemagick Imagemagick 7.0.7-18
Imagemagick Imagemagick 7.0.7-19
Imagemagick Imagemagick 7.0.7-20
Imagemagick Imagemagick 7.0.7-9
Imagemagick Imagemagick 7.0.7-10
Imagemagick Imagemagick 7.0.7-11
Imagemagick Imagemagick 7.0.7-12
Imagemagick Imagemagick 7.0.7-25
Imagemagick Imagemagick 7.0.7.7
Imagemagick Imagemagick 7.0.7-3
Imagemagick Imagemagick 7.0.7-5
Imagemagick Imagemagick 7.0.7-8
8.8
CVSSv3
CVE-2018-5248
In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function.
Imagemagick Imagemagick 7.0.7-17
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
8.8
CVSSv3
CVE-2017-17880
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBP_DECODER_ABI_VERSION check.
Imagemagick Imagemagick 7.0.7-16
8.8
CVSSv3
CVE-2017-17879
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error.
Imagemagick Imagemagick 7.0.7-16
Debian Debian Linux 8.0
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 7.0
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »