Home/Product/imagemagick
Product

imagemagick

500 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-42050
< 6.9.13-46
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a
5.5MEDIUM
 CVE-2026-40312
< 7.1.2-19
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, an off
6.2MEDIUM
 CVE-2026-40311
< 6.9.13-44
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below 7.1.2-19 and 6.9.13-
5.5MEDIUM
 CVE-2026-40310
< 6.9.13-44
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below both 7.1.2-19 and 6.
5.5MEDIUM
 CVE-2026-40183
< 7.1.2-19
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, the JXL
5.5MEDIUM
 CVE-2026-40169
< 7.1.2-19
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, a craft
6.2MEDIUM
 CVE-2026-34238
< 6.9.13-44
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and
5.1MEDIUM
 CVE-2026-33908
< 6.9.13-44
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and
7.5HIGH
 CVE-2026-33905
< 6.9.13-44
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and
5.5MEDIUM
 CVE-2026-33902
< 6.9.13-44
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and
5.5MEDIUM
 CVE-2026-33901
< 6.9.13-44
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and
7.5HIGH
 CVE-2026-33900
< 6.9.13-44
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and
5.9MEDIUM
 CVE-2026-33899
< 6.9.13-44
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9
5.3MEDIUM
 CVE-2026-33536
< 6.9.13-43
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, du
5.1MEDIUM
 CVE-2026-33535
< 6.9.13-43
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, an
4.0MEDIUM
 CVE-2026-32636
< 6.9.13-42
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-17 and 6.9.13-42, th
5.3MEDIUM
 CVE-2026-32259
< 6.9.13-41
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-16 and 6.9.13-41, wh
6.7MEDIUM
 CVE-2026-31853
< 6.9.13-41
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-16 and 6.9.13-41, an
5.7MEDIUM
 CVE-2026-30937
< 6.9.13-41
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.
6.8MEDIUM
 CVE-2026-30936
< 6.9.13-41
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.
5.5MEDIUM
 CVE-2026-30935
< 7.1.2-16
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, Bilater
4.4MEDIUM
 CVE-2026-30931
< 7.1.2-16
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, a heap-
6.8MEDIUM
 CVE-2026-30929
< 6.9.13-41
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.
7.7HIGH
 CVE-2026-30883
< 6.9.13-41
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.
5.7MEDIUM
 CVE-2026-28693
< 6.9.13-41
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.
8.1HIGH
 CVE-2026-28692
< 6.9.13-41
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.
4.8MEDIUM
 CVE-2026-28691
< 6.9.13-41
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.
7.5HIGH
 CVE-2026-28690
< 6.9.13-41
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.
6.9MEDIUM
 CVE-2026-28689
< 6.9.13-41
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.
6.3MEDIUM
 CVE-2026-28688
< 6.9.13-41
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.
4.0MEDIUM
 CVE-2026-28687
< 6.9.13-41
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.
5.3MEDIUM
 CVE-2026-28686
< 6.9.13-41
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.
6.8MEDIUM
 CVE-2026-28494
< 6.9.13-41
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.
7.1HIGH
 CVE-2026-28493
< 7.1.2-16
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, an inte
6.5MEDIUM
 CVE-2026-27799
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
4.0MEDIUM
 CVE-2026-27798
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
4.0MEDIUM
 CVE-2026-26983
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
5.3MEDIUM
 CVE-2026-26284
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
6.5MEDIUM
 CVE-2026-26283
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
6.2MEDIUM
 CVE-2026-26066
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
6.2MEDIUM
 CVE-2026-25989
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
7.5HIGH
 CVE-2026-25988
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
5.3MEDIUM
 CVE-2026-25987
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
5.3MEDIUM
 CVE-2026-25986
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
5.3MEDIUM
 CVE-2026-25985
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
7.5HIGH
 CVE-2026-25983
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
5.3MEDIUM
 CVE-2026-25982
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
6.5MEDIUM
 CVE-2026-25971
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
6.2MEDIUM
 CVE-2026-25970
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
5.3MEDIUM
 CVE-2026-25969
< 7.1.2-15
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory
5.3MEDIUM
 CVE-2026-25968
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
7.4HIGH
 CVE-2026-25967
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a stack-
7.4HIGH
 CVE-2026-25966
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. The shipped "secure" security polic
5.9MEDIUM
 CVE-2026-25965
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
8.6HIGH
 CVE-2026-25898
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
6.5MEDIUM
 CVE-2026-25897
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
6.5MEDIUM
 CVE-2026-25799
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
5.3MEDIUM
 CVE-2026-25798
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
5.3MEDIUM
 CVE-2026-25797
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
5.7MEDIUM
 CVE-2026-25796
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
5.3MEDIUM
 CVE-2026-25795
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
5.3MEDIUM
 CVE-2026-25794
< 7.1.2-15
ImageMagick is free and open-source software used for editing and manipulating digital images. WriteUHDRImage in coders/uhdr.c
8.2HIGH
 CVE-2026-25638
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
5.3MEDIUM
 CVE-2026-25637
< 7.1.2-15
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory
5.3MEDIUM
 CVE-2026-25576
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
5.1MEDIUM
 CVE-2026-24485
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
7.5HIGH
 CVE-2026-24484
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
5.3MEDIUM
 CVE-2026-24481
< 6.9.13-40
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.
7.5HIGH
 CVE-2026-23952
< 6.9.13-38
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions 14.10.1 and below have a N
6.5MEDIUM
 CVE-2026-23876
< 6.9.13-38
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-13 and 6.9.
8.1HIGH
 CVE-2026-23874
< 7.1.2-13
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a s
5.5MEDIUM
 CVE-2026-22770
< 7.1.2-13
ImageMagick is free and open-source software used for editing and manipulating digital images. The BilateralBlurImage method will
6.5MEDIUM
 CVE-2025-69204
< 7.1.2-12
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, in the W
5.3MEDIUM
 CVE-2025-68950
< 7.1.2-12
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick f
4.0MEDIUM
 CVE-2025-68618
< 7.1.2-12
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, using Ma
5.3MEDIUM
 CVE-2025-68469
< 7.1.1-14
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.1-14, ImageMag
3.3LOW
 CVE-2025-66628
< 7.1.2-10
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM (PSX TI
7.5HIGH
 CVE-2025-65955
< 6.9.13-34
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, the
4.9MEDIUM
 CVE-2025-62594
< 7.1.2-8
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vuln
4.7MEDIUM
 CVE-2025-62171
< 6.9.13-32
ImageMagick is an open source software suite for displaying, converting, and editing raster image files. In ImageMagick versions p
5.9MEDIUM
 CVE-2025-57807
< 6.9.13-29
ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.
3.8LOW
 CVE-2025-57803
< 6.9.13-28
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1
7.5HIGH
 CVE-2025-55298
< 6.9.13-28
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.1
7.5HIGH
 CVE-2025-55212
< 6.9.13-28
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1
3.7LOW
 CVE-2025-55160
< 6.9.13-27
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1
6.1MEDIUM
 CVE-2025-55154
< 6.9.13-27
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1
8.8HIGH
 CVE-2025-55005
< 7.1.2-1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, when prep
5.5MEDIUM
 CVE-2025-55004
< 7.1.2-1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagi
7.6HIGH
 CVE-2025-53101
< 6.9.13-26
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.
7.4HIGH
 CVE-2025-53019
< 6.9.13-26
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.
3.7LOW
 CVE-2025-53015
>= 7.1.1-7 and < 7.1.2-0
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0, infin
7.5HIGH
 CVE-2025-53014
< 6.9.13-26
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.1
3.7LOW
 CVE-2025-46393
< 7.1.1-44
In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packet_size is mishandled (related to the rendering of all
2.9LOW
 CVE-2025-43965
< 7.1.1-44
In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used.
2.9LOW
 CVE-2024-41817
>= 7.0.11-13 and < 7.1.1-36
ImageMagick is a free and open-source software suite, used for editing and manipulating digital images. The AppImage version `Im
7.0HIGH
 CVE-2023-5341
< 7.1.2
A heap use-after-free flaw was found in coders/bmp.c in ImageMagick.
6.2MEDIUM
 CVE-2023-3428
< 7.1.1-19
A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to tr
6.2MEDIUM
 CVE-2022-48541
all versions
A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of service via the "identify -hel
7.1HIGH
 CVE-2021-40211
all versions
An issue was discovered with ImageMagick 7.1.0-4 via Division by zero in function ReadEnhMetaFile of coders/emf.c.
7.5HIGH
 CVE-2023-39978
< 6.9.12-91
ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw.
3.3LOW
 CVE-2023-3745
>= 6.0 and < 6.9-11-0
A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel() function in quantum-private.h. This issue may allow
5.5MEDIUM
 CVE-2023-3195
< 6.9.12-26
A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into
5.5MEDIUM
 CVE-2023-34475
< 7.1.1-10
A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could
5.5MEDIUM
 CVE-2023-34474
< 7.1.1-10
A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker
5.5MEDIUM
 CVE-2023-2157
< 7.1.1-9
A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the application crashing.
5.5MEDIUM
 CVE-2023-34153
>= 7.1.0-1 and < 7.1.1-11
A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or vid
7.8HIGH
 CVE-2023-34152
< 7.1.1-11
A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable
9.8CRITICAL
 CVE-2023-34151
< 7.1.1-11
A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg,
5.5MEDIUM
 CVE-2023-1906
< 6.9.12-84
A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-imp
5.5MEDIUM
 CVE-2023-1289
< 7.1.1-0
A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. Thi
5.5MEDIUM
 CVE-2022-44268
all versions
ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image c
6.5MEDIUM
 CVE-2022-44267
all versions
ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could
6.5MEDIUM
 CVE-2022-3213
< 6.9.12-62
A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undef
5.5MEDIUM
 CVE-2022-1115
< 6.9.12-44
A heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-private.h file. This vulnerability i
5.5MEDIUM
 CVE-2022-0284
< 7.1.0-20
A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-accessor.h'. This vulnerability i
7.1HIGH
 CVE-2021-3574
all versions
A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory le
3.3LOW
 CVE-2021-20224
< 6.9.11-57
An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function c
5.5MEDIUM
 CVE-2022-2719
< 7.1.0-30
In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, d
5.5MEDIUM
 CVE-2022-32547
< 6.9.12-45
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which
7.8HIGH
 CVE-2022-32546
< 6.9.12-44
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/p
7.8HIGH
 CVE-2022-32545
< 6.9.12-43
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/p
7.8HIGH
 CVE-2022-28463
>= 6.9.4-0 and < 6.9.12-44
ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.
7.8HIGH
 CVE-2022-1114
>= 6.0 and < 6.9.12-43
A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo() function of dcm.c file. This vulnerability is triggered
7.1HIGH
 CVE-2021-4219
< 6.9.12-9
A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service.
5.5MEDIUM
 CVE-2021-3610
>= 6.9.10.88 and < 6.9.12-14
A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/ti
7.5HIGH
 CVE-2021-3596
< 7.0.10-31
A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This is
6.5MEDIUM
 CVE-2021-3962
all versions
A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes. This
7.8HIGH
 CVE-2021-39212
>= 6.9.12-0 and < 6.9.12-22
ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and
4.4MEDIUM
 CVE-2020-27769
< 7.0.9-0
In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize
3.3LOW
 CVE-2021-20313
< 7.0.11-0
A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak when the calculate signatures in TransformSigna
7.5HIGH
 CVE-2021-20312
< 7.0.11-0
A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may tri
7.5HIGH
 CVE-2021-20311
< 7.0.11-0
A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colo
7.5HIGH
 CVE-2021-20310
< 7.0.11-0
A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero ConvertXYZToJzazbz() of MagickCore/colorspace.
7.5HIGH
 CVE-2021-20309
< 6.9.12
A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore
7.5HIGH
 CVE-2020-27829
< 7.0.10-45
A heap based buffer overflow in coders/tiff.c may result in program crash and denial of service in ImageMagick before 7.0.10-45.
5.5MEDIUM
 CVE-2021-20246
< 6.9.11-62
A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick
5.5MEDIUM
 CVE-2021-20245
< 6.9.11-62
A flaw was found in ImageMagick in coders/webp.c. An attacker who submits a crafted file that is processed by ImageMagick could tr
5.5MEDIUM
 CVE-2021-20244
< 7.0.10-62
A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageM
5.5MEDIUM
 CVE-2021-20243
< 7.0.10-62
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick co
5.5MEDIUM
 CVE-2021-20241
< 6.9.11-62
A flaw was found in ImageMagick in coders/jp2.c. An attacker who submits a crafted file that is processed by ImageMagick could tri
5.5MEDIUM
 CVE-2020-27768
< 7.0.9-0
In ImageMagick, there is an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h. This
3.3LOW
 CVE-2021-20176
< 6.9.11-57
A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. This flaw allows an attacker who submits a crafte
5.5MEDIUM
 CVE-2020-27758
< 6.9.10-68
A flaw was found in ImageMagick in coders/txt.c. An attacker who submits a crafted file that is processed by ImageMagick could tri
3.3LOW
 CVE-2020-27757
< 6.9.10-68
A floating point math calculation in ScaleAnyToQuantum() of /MagickCore/quantum-private.h could lead to undefined behavior in the
3.3LOW
 CVE-2020-27756
>= 6.9.9-34 and < 6.9.10-69
In ParseMetaGeometry() of MagickCore/geometry.c, image height and width calculations can lead to divide-by-zero conditions which a
5.5MEDIUM
 CVE-2020-27755
< 6.9.10-69
in SetImageExtent() of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks fo
3.3LOW
 CVE-2020-27754
< 6.9.10-69
In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which could return overflowed values to the
3.3LOW
 CVE-2020-27753
< 6.9.10-69
There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a
5.5MEDIUM
 CVE-2020-27752
< 6.9.11-47
A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by Image
7.1HIGH
 CVE-2020-27751
< 6.9.10-69
A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageM
3.3LOW
 CVE-2020-27750
< 6.9.10-68
A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted fil
5.5MEDIUM
 CVE-2020-25676
< 6.9.10-69
In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and InterpolatePixelInfo(), which ar
5.5MEDIUM
 CVE-2020-25675
< 6.9.10-69
In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pix
3.3LOW
 CVE-2020-25674
< 6.9.10-68
WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bound
5.5MEDIUM
 CVE-2020-25667
< 6.9.10-69
TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"imag
5.5MEDIUM
 CVE-2020-25666
< 6.9.10-69
There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calcul
3.3LOW
 CVE-2020-25665
< 6.9.10-68
The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it need
5.5MEDIUM
 CVE-2020-25664
< 6.9.10-68
In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-
6.1MEDIUM
 CVE-2020-25663
< 7.0.8-56
A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a subsequent heap-use-after-fre
5.5MEDIUM
 CVE-2020-29599
>= 6.9.8-1 and < 6.9.11-40
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for pas
7.8HIGH
 CVE-2020-27773
< 6.9.10-69
A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagi
3.3LOW
 CVE-2020-27772
< 6.9.10-69
A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could tri
3.3LOW
 CVE-2020-27776
< 6.9.10-69
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick
3.3LOW
 CVE-2020-27775
< 6.9.10-69
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick c
3.3LOW
 CVE-2020-27774
< 6.9.10-69
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick
3.3LOW
 CVE-2020-27771
< 6.9.10-69
In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the
3.3LOW
 CVE-2020-27770
< 6.9.10-68
Due to a missing check for 0 value of replace_extent, it is possible for offset p to overflow in SubstituteString(), causing p
5.5MEDIUM
 CVE-2020-27767
< 6.9.10-69
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick c
3.3LOW
 CVE-2020-27766
< 6.9.10-69
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick
7.8HIGH
 CVE-2020-27765
< 6.9.10-69
A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick c
3.3LOW
 CVE-2020-27764
< 6.9.10-69
In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast should have been a ssize_t cast
3.3LOW
 CVE-2020-27763
< 6.9.10-68
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick co
3.3LOW
 CVE-2020-27762
< 6.9.10-68
A flaw was found in ImageMagick in coders/hdr.c. An attacker who submits a crafted file that is processed by ImageMagick could tri
5.5MEDIUM
 CVE-2020-27761
< 6.9.10-69
WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the rang
3.3LOW
 CVE-2020-27760
< 6.9.10-68
In GammaImage() of /MagickCore/enhance.c, depending on the gamma value, it's possible to trigger a divide-by-zero condition wh
5.5MEDIUM
 CVE-2020-27759
< 6.9.10-68
In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a
3.3LOW
 CVE-2020-19667
all versions
Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7.
7.8HIGH
 CVE-2020-27560
all versions
ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service.
3.3LOW
 CVE-2020-13902
>= 7.0.9-27 and <= 7.0.10-17
ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF im
7.1HIGH
 CVE-2020-10251
all versions
In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\heic.c. It can be
5.5MEDIUM
 CVE-2014-1947
<= 6.5.4
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers
7.8HIGH
 CVE-2014-2030
all versions
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attacker
8.8HIGH
 CVE-2014-1958
< 6.8.8-5
Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to exec
8.8HIGH
 CVE-2016-7524
< 6.9.4-0
coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
6.5MEDIUM
 CVE-2016-7523
< 6.9.4-0
coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
6.5MEDIUM
 CVE-2019-19952
>= 7.0.8-61 and < 7.0.9-7
In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGI
9.8CRITICAL
 CVE-2019-19949
>= 6.9.9-33 and < 6.9.10-43
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magi
9.1CRITICAL
 CVE-2019-19948
all versions
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.
9.8CRITICAL
 CVE-2014-8561
all versions
imagemagick 6.8.9.6 has remote DOS via infinite loop
6.5MEDIUM
 CVE-2019-18853
>= 7.0.0-0 and < 7.0.9-0
ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted
6.5MEDIUM
 CVE-2019-17547
< 7.0.8-62
In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free.
8.8HIGH
 CVE-2019-17541
< 6.9.10-55
ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandl
8.8HIGH
 CVE-2019-17540
>= 6.9.10-54 and < 6.9.10-55
ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.
8.8HIGH
 CVE-2019-16713
all versions
ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.
6.5MEDIUM
 CVE-2019-16712
all versions
ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.
6.5MEDIUM
 CVE-2019-16711
all versions
ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.
6.5MEDIUM
 CVE-2019-16710
all versions
ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.
6.5MEDIUM
 CVE-2019-16709
all versions
ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.
6.5MEDIUM
 CVE-2019-16708
all versions
ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.
6.5MEDIUM
 CVE-2019-15141
all versions
WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resul
6.5MEDIUM
 CVE-2019-15140
all versions
coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application cras
8.8HIGH
 CVE-2019-15139
all versions
The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a deni
6.5MEDIUM
 CVE-2019-14981
>= 6.0 and < 6.9.10-41
In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage functio
6.5MEDIUM
 CVE-2019-14980
>= 6.0 and < 6.9.10-42
In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function tha
6.5MEDIUM
 CVE-2019-13454
>= 7.0.1-0 and <= 7.0.8-54
ImageMagick 7.0.1-0 to 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.
6.5MEDIUM
 CVE-2019-13391
all versions
In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to
8.8HIGH
 CVE-2019-13311
all versions
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.
6.5MEDIUM
 CVE-2019-13310
all versions
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.
6.5MEDIUM
 CVE-2019-13309
all versions
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorIm
6.5MEDIUM
 CVE-2019-13308
all versions
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.
8.8HIGH
 CVE-2019-13307
all versions
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.
7.8HIGH
 CVE-2019-13306
all versions
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.
7.8HIGH
 CVE-2019-13305
all versions
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an
7.8HIGH
 CVE-2019-13304
all versions
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.
7.8HIGH
 CVE-2019-13303
all versions
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/composite.c in CompositeImage.
8.8HIGH
 CVE-2019-13302
all versions
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/fourier.c in ComplexImages.
8.8HIGH
 CVE-2019-13301
all versions
ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.
6.5MEDIUM
 CVE-2019-13300
all versions
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling colum
8.8HIGH
 CVE-2019-13299
all versions
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel.
8.8HIGH
 CVE-2019-13298
all versions
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a Magi
8.8HIGH
 CVE-2019-13297
all versions
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of
8.8HIGH
 CVE-2019-13296
all versions
ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand
6.5MEDIUM
 CVE-2019-13295
all versions
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of
8.8HIGH
 CVE-2019-13137
< 6.9.10-50
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.
6.5MEDIUM
 CVE-2019-13136
< 7.0.8-50
ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c.
7.8HIGH
 CVE-2019-13135
< 6.9.10-50
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.
8.8HIGH
 CVE-2019-13134
>= 7.0.0-0 and < 7.0.8-50
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c.
5.5MEDIUM
 CVE-2019-13133
>= 7.0.0-0 and < 7.0.8-50
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c.
5.5MEDIUM
 CVE-2019-12979
all versions
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. Thi
7.8HIGH
 CVE-2019-12978
all versions
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c.
7.8HIGH
 CVE-2019-12977
all versions
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c.
7.8HIGH
 CVE-2019-12976
all versions
ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.
5.5MEDIUM
 CVE-2019-12975
all versions
ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.
5.5MEDIUM
 CVE-2019-12974
all versions
A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in Image
5.5MEDIUM
 CVE-2017-12806
all versions
In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a
7.5HIGH
 CVE-2017-12805
all versions
In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause
7.5HIGH
 CVE-2019-10131
< 6.9.9-40
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in cod
7.1HIGH
 CVE-2019-11598
all versions
In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an
8.1HIGH
 CVE-2019-11597
all versions
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows
8.1HIGH
 CVE-2019-11472
all versions
ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-
6.5MEDIUM
 CVE-2019-11470
all versions
The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource cons
6.5MEDIUM
 CVE-2019-10714
< 6.9.10-32
LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV.
6.5MEDIUM
 CVE-2019-10650
all versions
In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows
8.1HIGH
 CVE-2019-10649
all versions
In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to
5.5MEDIUM
 CVE-2019-9956
all versions
In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an at
8.8HIGH
 CVE-2019-7175
< 6.9.10-25
In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.
7.5HIGH
 CVE-2019-7398
< 6.9.10-25
In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.
7.5HIGH
 CVE-2019-7397
< 6.9.10-25
In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.
7.5HIGH
 CVE-2019-7396
< 6.9.10-25
In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.
7.5HIGH
 CVE-2019-7395
< 6.9.10-25
In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.
7.5HIGH
 CVE-2018-20467
< 6.9.10-16
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory co
6.5MEDIUM
 CVE-2018-18544
all versions
There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScrip
6.5MEDIUM
 CVE-2018-18025
all versions
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows att
6.5MEDIUM
 CVE-2018-18024
all versions
In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers cou
6.5MEDIUM
 CVE-2018-18023
all versions
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows a
6.5MEDIUM
 CVE-2018-18016
all versions
ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.
6.5MEDIUM
 CVE-2018-17967
all versions
ImageMagick 7.0.7-28 has a memory leak vulnerability in ReadBGRImage in coders/bgr.c.
6.5MEDIUM
 CVE-2018-17966
all versions
ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c.
6.5MEDIUM
 CVE-2018-17965
all versions
ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c.
6.5MEDIUM
 CVE-2018-16750
< 6.9.9-42
In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found.
6.5MEDIUM
 CVE-2018-16749
< 6.9.9-42
In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial
6.5MEDIUM
 CVE-2018-16645
all versions
There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in Im
6.5MEDIUM
 CVE-2018-16644
all versions
There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagic
6.5MEDIUM
 CVE-2018-16643
all versions
The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in cod
6.5MEDIUM
 CVE-2018-16642
all versions
The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted
6.5MEDIUM
 CVE-2018-16641
all versions
ImageMagick 7.0.8-6 has a memory leak vulnerability in the TIFFWritePhotoshopLayers function in coders/tiff.c.
6.5MEDIUM
 CVE-2018-16640
all versions
ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c.
6.5MEDIUM
 CVE-2018-16413
all versions
ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called
8.8HIGH
 CVE-2018-16412
all versions
ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function.
8.8HIGH
 CVE-2018-16329
< 7.0.8-8
In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.
9.8CRITICAL
 CVE-2018-16328
< 7.0.8-8
In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.
9.8CRITICAL
 CVE-2018-16323
< 6.9.10-9
ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negati
6.5MEDIUM
 CVE-2018-15607
all versions
In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x4c 0x36 0x38 0x36 0x1f 0x35 0x5
6.5MEDIUM
 CVE-2018-14551
all versions
The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption.
9.8CRITICAL
 CVE-2018-14437
all versions
ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c.
6.5MEDIUM
 CVE-2018-14436
all versions
ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c.
6.5MEDIUM
 CVE-2018-14435
all versions
ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c.
6.5MEDIUM
 CVE-2018-14434
all versions
ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c.
6.5MEDIUM
 CVE-2018-13153
all versions
In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c.
6.5MEDIUM
 CVE-2018-12600
all versions
In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a c
8.8HIGH
 CVE-2018-12599
all versions
In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a c
8.8HIGH
 CVE-2018-11656
all versions
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allo
6.5MEDIUM
 CVE-2018-11655
all versions
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c
6.5MEDIUM
 CVE-2018-11625
all versions
In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via
8.8HIGH
 CVE-2018-11624
all versions
In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c allows attackers to cause a use after free via a crafted fi
8.8HIGH
 CVE-2018-11251
>= 7.0.7-16 and < 7.0.7-21
In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allow
6.5MEDIUM
 CVE-2017-18273
all versions
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt
6.5MEDIUM
 CVE-2017-18272
>= 7.0.7-16 and < 7.0.7-21
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a use-after-free in ReadOneMNGImage in coders/png.c, which allows attacker
6.5MEDIUM
 CVE-2017-18271
all versions
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/mi
6.5MEDIUM
 CVE-2018-10805
all versions
ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
6.5MEDIUM
 CVE-2018-10804
all versions
ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c.
6.5MEDIUM
 CVE-2018-10177
all versions
In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers coul
6.5MEDIUM
 CVE-2018-9135
all versions
In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c.
8.8HIGH
 CVE-2018-9133
all versions
ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions (coders/tiff.c), which results
6.5MEDIUM
 CVE-2017-18254
all versions
An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c,
6.5MEDIUM
 CVE-2017-18253
all versions
An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LoadOpenCLDevices
6.5MEDIUM
 CVE-2017-18252
all versions
An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a de
6.5MEDIUM
 CVE-2017-18251
all versions
An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c,
6.5MEDIUM
 CVE-2017-18250
all versions
An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LogOpenCLBuildFai
6.5MEDIUM
 CVE-2018-8960
all versions
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a
8.8HIGH
 CVE-2018-8804
all versions
WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.
8.8HIGH
 CVE-2017-18211
all versions
In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c be
9.8CRITICAL
 CVE-2017-18210
all versions
In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/open
9.8CRITICAL
 CVE-2017-18209
all versions
In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability oc
8.8HIGH
 CVE-2018-7470
all versions
An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a
6.5MEDIUM
 CVE-2018-7443
all versions
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a f
6.5MEDIUM
 CVE-2018-6930
all versions
A stack-based buffer over-read in the ComputeResizeImage function in the MagickCore/accelerate.c file of ImageMagick 7.0.7-22 allo
6.5MEDIUM
 CVE-2018-6876
all versions
The OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote
6.5MEDIUM
 CVE-2018-6405
< 6.9.9-35
In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be ov
6.5MEDIUM
 CVE-2017-18029
all versions
In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remot
6.5MEDIUM
 CVE-2017-18028
all versions
In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allo
6.5MEDIUM
 CVE-2017-18027
all versions
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote
6.5MEDIUM
 CVE-2018-5358
all versions
ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLa
6.5MEDIUM
 CVE-2018-5357
all versions
ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c.
6.5MEDIUM
 CVE-2018-5248
all versions
In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to t
8.8HIGH
 CVE-2018-5247
all versions
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.
6.5MEDIUM
 CVE-2018-5246
all versions
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.
6.5MEDIUM
 CVE-2017-18022
all versions
In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.
6.5MEDIUM
 CVE-2017-1000476
all versions
ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attac
6.5MEDIUM
 CVE-2017-1000445
< 6.9.9-15
ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to den
6.5MEDIUM
 CVE-2017-18008
all versions
In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c.
6.5MEDIUM
 CVE-2017-17934
all versions
ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with
6.5MEDIUM
 CVE-2017-17914
all versions
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to
6.5MEDIUM
 CVE-2017-17887
all versions
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function GetImagePixelCache in magick/cache.c, which all
6.5MEDIUM
 CVE-2017-17886
all versions
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows
6.5MEDIUM
 CVE-2017-17885
all versions
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows at
6.5MEDIUM
 CVE-2017-17884
all versions
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows
6.5MEDIUM
 CVE-2017-17883
all versions
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPGXImage in coders/pgx.c, which allows atta
6.5MEDIUM
 CVE-2017-17882
all versions
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows atta
6.5MEDIUM
 CVE-2017-17881
all versions
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows atta
6.5MEDIUM
 CVE-2017-17880
all versions
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related
8.8HIGH
 CVE-2017-17879
all versions
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related
8.8HIGH
 CVE-2017-17682
all versions
In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows
6.5MEDIUM
 CVE-2017-17681
all versions
In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which all
6.5MEDIUM
 CVE-2017-17680
all versions
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows atta
6.5MEDIUM
 CVE-2017-17504
< 6.9.9-24
ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related
6.5MEDIUM
 CVE-2017-17499
>= 7.0.0-0 and < 7.0.7-12
ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.
9.8CRITICAL
 CVE-2017-16546
all versions
The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, w
8.8HIGH
 CVE-2017-15281
all versions
ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or po
8.8HIGH
 CVE-2017-15277
all versions
ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a G
6.5MEDIUM
 CVE-2017-15218
all versions
ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.
6.5MEDIUM
 CVE-2017-15217
all versions
ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c.
6.5MEDIUM
 CVE-2017-15033
all versions
ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.
7.5HIGH
 CVE-2017-15032
all versions
ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
9.8CRITICAL
 CVE-2017-15017
all versions
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c.
8.8HIGH
 CVE-2017-15016
all versions
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c.
8.8HIGH
 CVE-2017-15015
all versions
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c.
8.8HIGH
 CVE-2017-14989
all versions
A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows attackers to crash the application v
6.5MEDIUM
 CVE-2017-14741
all versions
The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service (inf
6.5MEDIUM
 CVE-2017-14739
all versions
The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocatio
7.5HIGH
 CVE-2017-14684
all versions
In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows att
6.5MEDIUM
 CVE-2017-14682
all versions
GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer ov
8.8HIGH
 CVE-2017-14626
all versions
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.
9.8CRITICAL
 CVE-2017-14625
all versions
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c.
9.8CRITICAL
 CVE-2017-14624
all versions
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.
9.8CRITICAL
 CVE-2017-14607
all versions
In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker co
8.1HIGH
 CVE-2017-14533
all versions
ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c.
6.5MEDIUM
 CVE-2017-14532
all versions
ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c.
9.8CRITICAL
 CVE-2017-14531
all versions
ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c.
6.5MEDIUM
 CVE-2017-14528
all versions
The TIFFSetProfiles function in coders/tiff.c in ImageMagick 7.0.6 has incorrect expectations about whether LibTIFF TIFFGetField r
6.5MEDIUM
 CVE-2017-14505
all versions
DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to per
6.5MEDIUM
 CVE-2017-14400
all versions
In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote
6.5MEDIUM
 CVE-2017-14343
all versions
ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file.
6.5MEDIUM
 CVE-2017-14342
all versions
ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file.
6.5MEDIUM
 CVE-2017-14341
all versions
ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image
6.5MEDIUM
 CVE-2017-14326
all versions
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attac
6.5MEDIUM
 CVE-2017-14325
all versions
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allow
6.5MEDIUM
 CVE-2017-14324
all versions
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attac
6.5MEDIUM
 CVE-2017-14249
all versions
ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSiz
6.5MEDIUM
 CVE-2017-14248
all versions
A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause
6.5MEDIUM
 CVE-2017-14224
all versions
A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial
8.8HIGH
 CVE-2017-14175
all versions
In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU
6.5MEDIUM
 CVE-2017-14174
all versions
In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause
6.5MEDIUM
 CVE-2017-14173
all versions
In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation
6.5MEDIUM
 CVE-2017-14172
all versions
In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU c
6.5MEDIUM
 CVE-2017-14139
all versions
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in coders/msl.c.
6.5MEDIUM
 CVE-2017-14138
all versions
ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error
9.8CRITICAL
 CVE-2017-14137
all versions
ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on
7.5HIGH
 CVE-2017-12693
all versions
The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory cons
6.5MEDIUM
 CVE-2017-12692
all versions
The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory co
6.5MEDIUM
 CVE-2017-12691
all versions
The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory cons
6.5MEDIUM
 CVE-2017-14060
all versions
In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow
6.5MEDIUM
 CVE-2017-13769
< 6.9.9-11
The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of ser
6.5MEDIUM
 CVE-2017-13768
< 6.9.9-11
Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker
6.5MEDIUM
 CVE-2017-13758
all versions
In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the TracePoint() function in MagickCore/draw.c.
6.5MEDIUM
 CVE-2017-12875
all versions
The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (CPU consumption) v
6.5MEDIUM
 CVE-2017-12877
< 6.9.9-6
Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to caus
6.5MEDIUM
 CVE-2017-12876
>= 7.0.0-0 and < 7.0.6-6
Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a c
6.5MEDIUM
 CVE-2017-13658
<= 6.9.9-2
In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c,
6.5MEDIUM
 CVE-2017-13146
<= 6.9.8-4
In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.
8.8HIGH
 CVE-2017-13145
<= 6.9.8-7
In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the cha
6.5MEDIUM
 CVE-2017-13144
<= 6.9.7-9
In ImageMagick before 6.9.7-10, there is a crash (rather than a "width or height exceeds limit" error report) if the image dimensi
6.5MEDIUM
 CVE-2017-13143
<= 6.9.7-5
In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which mig
7.5HIGH
 CVE-2017-13142
<= 6.9.9-0
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient c
6.5MEDIUM
 CVE-2017-13141
<= 6.9.9-3
In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.
6.5MEDIUM
 CVE-2017-13140
<= 6.9.9-0
In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage function in coders/png.c allows remote attackers to caus
6.5MEDIUM
 CVE-2017-13139
<= 6.9.9-0
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with
9.8CRITICAL
 CVE-2017-13134
all versions
In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c,
6.5MEDIUM
 CVE-2017-13133
all versions
In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial
6.5MEDIUM
 CVE-2017-13132
all versions
In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data structure in the "dump uncompress
6.5MEDIUM
 CVE-2017-13131
all versions
In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attacke
6.5MEDIUM
 CVE-2017-13062
all versions
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers
6.5MEDIUM
 CVE-2017-13061
all versions
In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which a
6.5MEDIUM
 CVE-2017-13060
all versions
In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers
6.5MEDIUM
 CVE-2017-13059
all versions
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attac
6.5MEDIUM
 CVE-2017-13058
all versions
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attacker
6.5MEDIUM
 CVE-2017-12983
all versions
Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a
8.8HIGH
 CVE-2017-12676
all versions
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attack
6.5MEDIUM
 CVE-2017-12675
all versions
In ImageMagick 7.0.6-3, a missing check for multidimensional data was found in coders/mat.c, leading to a memory leak in the funct
6.5MEDIUM
 CVE-2017-12674
all versions
In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the function ReadPDBImage in coders/pdb.c, which allows attack
6.5MEDIUM
 CVE-2017-12673
all versions
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneMNGImage in coders/png.c, which allows attack
6.5MEDIUM
 CVE-2017-12672
all versions
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers
6.5MEDIUM
 CVE-2017-12671
all versions
In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, leading to an invalid free in the function Relinquish
6.5MEDIUM
 CVE-2017-12670
all versions
In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion failure in the function DestroyImage
6.5MEDIUM
 CVE-2017-12669
all versions
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteCALSImage in coders/cals.c.
8.8HIGH
 CVE-2017-12668
all versions
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.
8.8HIGH
 CVE-2017-12667
all versions
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in coders\mat.c.
8.8HIGH
 CVE-2017-12666
all versions
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteINLINEImage in coders/inline.c.
8.8HIGH
 CVE-2017-12665
all versions
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePICTImage in coders/pict.c.
8.8HIGH
 CVE-2017-12664
all versions
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage in coders/palm.c.
8.8HIGH
 CVE-2017-12663
all versions
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage in coders/map.c.
8.8HIGH
 CVE-2017-12662
all versions
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in coders/pdf.c.
8.8HIGH
 CVE-2014-9831
< 6.9.4-0
coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file.
8.8HIGH
 CVE-2014-9830
< 6.9.4-0
coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file.
8.8HIGH
 CVE-2014-9828
< 6.9.4-0
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file.
8.8HIGH
 CVE-2014-9827
< 6.9.4-0
coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.
8.8HIGH
 CVE-2017-12654
all versions
The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 allows attackers to cause a denial of service (memory leak) via
6.5MEDIUM
 CVE-2017-12644
all versions
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in coders\dcm.c.
8.8HIGH
 CVE-2017-12643
all versions
ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJNGImage in coders\png.c.
6.5MEDIUM
 CVE-2017-12642
all versions
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMPCImage in coders\mpc.c.
8.8HIGH
 CVE-2017-12641
all versions
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadOneJNGImage in coders\png.c.
8.8HIGH
 CVE-2017-12640
all versions
ImageMagick 7.0.6-1 has an out-of-bounds read vulnerability in ReadOneMNGImage in coders/png.c.
8.8HIGH
 CVE-2017-12587
all versions
ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage function in coders\pwp.c.
8.8HIGH
 CVE-2017-12566
all versions
In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMVGImage in coders/mvg.c, which allows attackers
6.5MEDIUM
 CVE-2017-12565
all versions
In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attack
6.5MEDIUM
 CVE-2017-12564
all versions
In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers
6.5MEDIUM
 CVE-2017-12563
all versions
In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in the function ReadPSDImage in coders/psd.c, which allows att
6.5MEDIUM
 CVE-2017-12435
all versions
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage in coders/sun.c, which allows att
7.5HIGH
 CVE-2017-12434
all versions
In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows at
6.5MEDIUM
 CVE-2017-12433
all versions
In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadPESImage in coders/pes.c, which allows attackers
6.5MEDIUM
 CVE-2017-12432
all versions
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allows att
6.5MEDIUM
 CVE-2017-12431
all versions
In ImageMagick 7.0.6-1, a use-after-free vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attack
6.5MEDIUM
 CVE-2017-12430
all versions
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows att
7.5HIGH
 CVE-2017-12429
all versions
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows a
7.5HIGH
 CVE-2017-12428
all versions
In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers
7.5HIGH
 CVE-2017-12427
<= 6.9.9-4
The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to caus
6.5MEDIUM
 CVE-2017-12418
all versions
ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage functi
7.5HIGH
 CVE-2017-12140
all versions
The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consu
6.5MEDIUM
 CVE-2017-11755
all versions
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory l
6.5MEDIUM
 CVE-2017-11754
all versions
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory l
6.5MEDIUM
 CVE-2017-11753
all versions
The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of serv
6.5MEDIUM
 CVE-2017-11752
all versions
The ReadMAGICKImage function in coders/magick.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memor
6.5MEDIUM
 CVE-2017-11751
all versions
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory l
6.5MEDIUM
 CVE-2017-11750
all versions
The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and 7.0.6-4 allows remote attackers to cause a denial of servi
6.5MEDIUM
 CVE-2017-11724
all versions
The ReadMATImage function in coders/mat.c in ImageMagick through 6.9.9-3 and 7.x through 7.0.6-3 has memory leaks involving the qu
6.5MEDIUM
 CVE-2017-11644
all versions
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadMATImage() function in coder
6.5MEDIUM
 CVE-2017-11640
all versions
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() f
6.5MEDIUM
 CVE-2017-11639
all versions
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteCIPImage()
6.5MEDIUM
 CVE-2016-7539
<= 6.9.9-3
Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumpti
7.5HIGH
 CVE-2017-11540
all versions
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex()
6.5MEDIUM
 CVE-2017-11539
all versions
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage() function in co
6.5MEDIUM
 CVE-2017-11538
all versions
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteOnePNGImage() function in c
6.5MEDIUM
 CVE-2017-11537
all versions
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImag
6.5MEDIUM
 CVE-2017-11536
all versions
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteJP2Image() function in code
6.5MEDIUM
 CVE-2017-11535
all versions
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WritePSImage() f
6.5MEDIUM
 CVE-2017-11534
all versions
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the lite_font_map() function in code
6.5MEDIUM
 CVE-2017-11533
all versions
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage()
6.5MEDIUM
 CVE-2017-11532
all versions
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage() function in code
6.5MEDIUM
 CVE-2017-11531
all versions
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteHISTOGRAMImage() function i
6.5MEDIUM
 CVE-2017-11530
<= 6.9.8-10
The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a
6.5MEDIUM
 CVE-2017-11529
<= 6.9.8-10
The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a
6.5MEDIUM
 CVE-2017-11528
<= 6.9.8-10
The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a
6.5MEDIUM
 CVE-2017-11527
<= 6.9.8-10
The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a
6.5MEDIUM
 CVE-2017-11526
<= 6.9.8-10
The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause
6.5MEDIUM
 CVE-2017-11525
<= 6.9.9-0
The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a
6.5MEDIUM
 CVE-2017-11524
<= 6.9.8-10
The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause
6.5MEDIUM
 CVE-2017-11523
<= 6.9.9-0
The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause
6.5MEDIUM
 CVE-2017-11522
<= 6.9.9-0
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to ca
6.5MEDIUM
 CVE-2017-11505
<= 6.9.9-0
The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cau
6.5MEDIUM
 CVE-2017-11478
<= 6.9.9-0
The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to c
6.5MEDIUM
 CVE-2017-11450
< 6.9.9-0
coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly h
8.8HIGH
 CVE-2017-11449
< 6.9.9-0
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remo
8.8HIGH
 CVE-2017-11448
< 6.9.9-0
The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information
6.5MEDIUM
 CVE-2017-11447
<= 7.0.6-0
The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service.
6.5MEDIUM
 CVE-2017-11446
all versions
The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has an infinite loop vulnerability that can cause CPU exhaustion
6.5MEDIUM
 CVE-2017-11360
all versions
The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a large loop vulnerability via a crafted rle file that trigge
6.5MEDIUM
 CVE-2017-11352
< 6.9.8-9
In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: t
6.5MEDIUM
 CVE-2017-11310
all versions
The read_user_chunk_callback function in coders\png.c in ImageMagick 7.0.6-1 Q16 2017-06-21 (beta) has memory leak vulnerabilities
8.8HIGH
 CVE-2017-11188
all versions
The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via
7.5HIGH
 CVE-2017-11170
all versions
The ReadTGAImage function in coders\tga.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion
8.8HIGH
 CVE-2017-11166
all versions
The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion
6.5MEDIUM
 CVE-2017-11141
all versions
The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion
6.5MEDIUM
 CVE-2017-10995
all versions
The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based
5.5MEDIUM
 CVE-2017-10928
all versions
In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain se
8.8HIGH
 CVE-2017-9501
all versions
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a de
6.5MEDIUM
 CVE-2017-9500
all versions
In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function ResetImageProfileIterator, which allows attackers to ca
6.5MEDIUM
 CVE-2017-9499
all versions
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to ca
6.5MEDIUM
 CVE-2017-9440
all versions
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a
6.5MEDIUM
 CVE-2017-9439
all versions
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a de
6.5MEDIUM
 CVE-2017-9409
all versions
In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a craft
6.5MEDIUM
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin