Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imagemagick vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-25667
TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"image/dng\"` within `profile` due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a Strin...
Imagemagick Imagemagick
3.6
CVSSv2
CVE-2021-39212
ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases, Postscript files could be read and written when spec...
Imagemagick Imagemagick
6.4
CVSSv2
CVE-2016-6520
Buffer overflow in MagickCore/enhance.c in ImageMagick prior to 7.0.2-7 allows remote malicious users to have unspecified impact via vectors related to pixel cache morphology.
Imagemagick Imagemagick
6.8
CVSSv2
CVE-2016-10049
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick prior to 6.9.4-4 allows remote malicious users to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
Imagemagick Imagemagick
6.8
CVSSv2
CVE-2016-10056
Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick prior to 6.9.5-8 allows remote malicious users to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
Imagemagick Imagemagick
7.1
CVSSv2
CVE-2016-10058
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick prior to 6.9.6-3 allows remote malicious users to cause a denial of service (memory consumption) via a crafted image file.
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2016-10060
The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick prior to 7.0.1-10 does not check the return value of the fputc function, which allows remote malicious users to cause a denial of service (application crash) via a crafted file.
Imagemagick Imagemagick
4.3
CVSSv2
CVE-2016-10061
The ReadGROUP4Image function in coders/tiff.c in ImageMagick prior to 7.0.1-10 does not check the return value of the fputc function, which allows remote malicious users to cause a denial of service (crash) via a crafted image file.
Imagemagick Imagemagick
5
CVSSv2
CVE-2016-10067
magick/memory.c in ImageMagick prior to 6.9.4-5 allows remote malicious users to cause a denial of service (application crash) via vectors involving "too many exceptions," which trigger a buffer overflow.
Imagemagick Imagemagick
7.5
CVSSv2
CVE-2016-10144
coders/ipl.c in ImageMagick allows remote malicious users to have unspecific impact by leveraging a missing malloc check.
Imagemagick Imagemagick
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »