Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2022-44268 vulnerabilities and exploits

(subscribe to this query)

6.5
CVE-2022-44268
ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it)....
Imagemagick Imagemagick 7.1.0-49
6.5
CVE-2022-44267
ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input....
Imagemagick Imagemagick 7.1.0-49
9.8
CVSSv3
CVE-2021-32802
Nextcloud server is an open source, self hosted personal cloud. Nextcloud supports rendering image previews for user provided file content. For some image types, the Nextcloud server was invoking a third-party library that wasn't suited for untrusted user-supplied content....
Nextcloud Nextcloud Server
8.4
CVSSv3
CVE-2016-3714
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "ImageTragick."...
Imagemagick Imagemagick 7.0.0-0Imagemagick ImagemagickImagemagick Imagemagick 7.0.1-0Canonical Ubuntu Linux 12.04Debian Debian Linux 8.0Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 15.10Canonical Ubuntu Linux 14.04Debian Debian Linux 9.0Opensuse Leap 42.1Opensuse Opensuse 13.2Suse Suse Linux Enterprise Server 12
NA
CVE-2023-44268
CVE-2023-44268 PoC Create a malicious PNG to take advantage of ImageMagick 7.1.0-40: CVE-2022-44267: Denial of Service CVE-2022-44268: Information Disclosure Credit to the researchers who discovered this: Bryan Gonzalez and the Ocelot Team Requirements Python3 PIL (pip...
5.5
CVE-2021-20224
An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes...
Imagemagick Imagemagick
3.3
CVE-2021-3574
A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks....
Imagemagick Imagemagick 7.0.11-5Fedoraproject Fedora 35Fedoraproject Fedora 36Fedoraproject Fedora 37
5.5
CVSSv3
CVE-2021-4219
A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows an attacker to crash the system....
Imagemagick Imagemagick
7.8
CVSSv3
CVE-2022-28463
ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow....
Imagemagick Imagemagick 7.1.0-27Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2022-32545
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related...
Imagemagick ImagemagickRedhat Enterprise Linux 7.0Fedoraproject Extra Packages For Enterprise Linux 8.0Fedoraproject Fedora 36
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-25675CVE-2023-21072physicalCVE-2023-28446encryptionCVE-2023-21076server-side request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook