Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imagemagick vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5341
A heap use-after-free flaw was found in coders/bmp.c in ImageMagick.
Imagemagick Imagemagick
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 38
NA
CVE-2023-5349
A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick. This issue can lead to a denial of service (DOS) by memory exhaustion.
Rmagick Rmagick
Fedoraproject Fedora 37
NA
CVE-2022-2441
The ImageMagick Engine plugin for WordPress is vulnerable to remote code execution via the 'cli_path' parameter in versions up to, and including 1.7.5. This makes it possible for unauthenticated users to run arbitrary commands leading to remote command execution, grante...
Orangelab Imagemagick Engine
1 Github repository
NA
CVE-2023-3428
A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local malicious user to trick the user into opening a specially crafted file, resulting in an application crash and denial of service.
Imagemagick Imagemagick
Fedoraproject Fedora -
Fedoraproject Extra Packages For Enterprise Linux 8.0
NA
CVE-2023-41892
Craft CMS is a platform for creating digital experiences. This is a high-impact, low-complexity attack vector. Users running Craft installations prior to 4.4.15 are encouraged to update to at least that version to mitigate the issue. This issue has been fixed in Craft CMS 4.4.15.
Craftcms Craft Cms
1 Metasploit module
5 Github repositories
NA
CVE-2021-40211
An issue exists with ImageMagick 7.1.0-4 via Division by zero in function ReadEnhMetaFile of coders/emf.c.
Imagemagick Imagemagick 7.1.0-4
NA
CVE-2022-48541
A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote malicious users to perform a denial of service via the "identify -help" command.
Imagemagick Imagemagick 7.0.10-45
Imagemagick Imagemagick 6.9.11-22
Fedoraproject Fedora 38
Fedoraproject Fedora 39
NA
CVE-2023-3823
In PHP versions 8.0.* prior to 8.0.30, 8.1.* prior to 8.1.22, and 8.2.* prior to 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly c...
Php Php
Fedoraproject Fedora 38
Debian Debian Linux 10.0
NA
CVE-2023-3824
In PHP version 8.0.* prior to 8.0.30, 8.1.* prior to 8.1.22, and 8.2.* prior to 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
Php Php
Fedoraproject Fedora 38
Debian Debian Linux 10.0
6 Github repositories
2 Articles
NA
CVE-2023-39978
ImageMagick prior to 6.9.12-91 allows malicious users to cause a denial of service (memory consumption) in Magick::Draw.
Imagemagick Imagemagick
Fedoraproject Fedora 37
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »