Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imagemagick imagemagick vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2022-0284
A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format (TIFF) image to convert it into a PICON file format. T...
Imagemagick Imagemagick
6.2
CVSSv3
CVE-2014-8716
The JPEG decoder in ImageMagick prior to 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).
Imagemagick Imagemagick
5.5
CVSSv3
CVE-2020-25667
TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"image/dng\"` within `profile` due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a Strin...
Imagemagick Imagemagick
6.5
CVSSv3
CVE-2015-8901
ImageMagick 6.x prior to 6.9.0-5 Beta allows remote malicious users to cause a denial of service (infinite loop) via a crafted MIFF file.
Imagemagick Imagemagick
8.8
CVSSv3
CVE-2019-17541
ImageMagick prior to 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
Imagemagick Imagemagick
1 Github repository
6.5
CVSSv3
CVE-2015-8902
The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x prior to 6.9.0-5 Beta allows remote malicious users to cause a denial of service (infinite loop) via a crafted PDB file.
Imagemagick Imagemagick
9.8
CVSSv3
CVE-2018-16328
In ImageMagick prior to 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.
Imagemagick Imagemagick
6.5
CVSSv3
CVE-2019-10714
LocaleLowercase in MagickCore/locale.c in ImageMagick prior to 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV.
Imagemagick Imagemagick
7.8
CVSSv3
CVE-2014-9823
Heap-based buffer overflow in ImageMagick allows remote malicious users to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819.
Imagemagick Imagemagick -
7.8
CVSSv3
CVE-2014-9825
Heap-based buffer overflow in ImageMagick allows remote malicious users to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824.
Imagemagick Imagemagick -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »