Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imagemagick vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2022-0284
A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format (TIFF) image to convert it into a PICON file format. T...
Imagemagick Imagemagick
6.2
CVSSv3
CVE-2014-8716
The JPEG decoder in ImageMagick prior to 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).
Imagemagick Imagemagick
5.5
CVSSv3
CVE-2020-25667
TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"image/dng\"` within `profile` due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a Strin...
Imagemagick Imagemagick
6.5
CVSSv3
CVE-2015-8901
ImageMagick 6.x prior to 6.9.0-5 Beta allows remote malicious users to cause a denial of service (infinite loop) via a crafted MIFF file.
Imagemagick Imagemagick
8.8
CVSSv3
CVE-2019-17541
ImageMagick prior to 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
Imagemagick Imagemagick
1 Github repository
6.5
CVSSv3
CVE-2015-8902
The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x prior to 6.9.0-5 Beta allows remote malicious users to cause a denial of service (infinite loop) via a crafted PDB file.
Imagemagick Imagemagick
9.8
CVSSv3
CVE-2018-16328
In ImageMagick prior to 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.
Imagemagick Imagemagick
6.5
CVSSv3
CVE-2019-10714
LocaleLowercase in MagickCore/locale.c in ImageMagick prior to 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV.
Imagemagick Imagemagick
7.8
CVSSv3
CVE-2014-9823
Heap-based buffer overflow in ImageMagick allows remote malicious users to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819.
Imagemagick Imagemagick -
7.8
CVSSv3
CVE-2014-9825
Heap-based buffer overflow in ImageMagick allows remote malicious users to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824.
Imagemagick Imagemagick -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »