Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imagemagick vulnerabilities and exploits
(subscribe to this query)
3.3
CVSSv3
CVE-2020-27759
In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by ...
Imagemagick Imagemagick
Debian Debian Linux 9.0
1 Github repository
3.3
CVSSv3
CVE-2020-27761
WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick. The patch casts to `ssize_t` instea...
Imagemagick Imagemagick
Debian Debian Linux 9.0
3.3
CVSSv3
CVE-2020-27763
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could p...
Imagemagick Imagemagick
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2020-27762
A flaw was found in ImageMagick in coders/hdr.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char`. This would most likely lead to an impact to application avail...
Imagemagick Imagemagick
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2020-19667
Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7.
Imagemagick Imagemagick 7.0.10-7
Debian Debian Linux 9.0
3.3
CVSSv3
CVE-2020-27560
ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service.
Imagemagick Imagemagick 7.0.10-34
Debian Debian Linux 9.0
Opensuse Leap 15.2
7.1
CVSSv3
CVE-2020-13902
ImageMagick 7.0.9-27 up to and including 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding.
Imagemagick Imagemagick
5.5
CVSSv3
CVE-2020-10251
In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.
Imagemagick Imagemagick 7.0.9
7.8
CVSSv3
CVE-2014-1947
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and previous versions allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L...
Imagemagick Imagemagick
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
1 EDB exploit
8.8
CVSSv3
CVE-2014-1958
Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick prior to 6.8.8-5 might allow remote malicious users to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.
Imagemagick Imagemagick
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.10
Opensuse Opensuse 11.4
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »