Imagemagick CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (739 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2017-11530	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
CVE-2017-11539	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage() function in coders/png.c.
CVE-2017-11644	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadMATImage() function in coders/mat.c.
CVE-2017-9098	3 Debian, Graphicsmagick, Imagemagick	3 Debian Linux, Graphicsmagick, Imagemagick	2025-04-20	7.5 High
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c.
CVE-2017-11753	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted Flexible Image Transport System (FITS) file.
CVE-2017-9141	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	6.5 Medium
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c.
CVE-2017-9142	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	6.5 Medium
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c.
CVE-2017-12140	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consumption via a crafted DCM file.
CVE-2014-8354	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
CVE-2014-8355	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
CVE-2014-8562	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
CVE-2014-8716	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).
CVE-2017-9261	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9262	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2014-9828	1 Imagemagick	1 Imagemagick	2025-04-20	8.8 High
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file.
CVE-2014-9818	1 Imagemagick	1 Imagemagick	2025-04-20	5.5 Medium
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file.
CVE-2014-9827	1 Imagemagick	1 Imagemagick	2025-04-20	8.8 High
coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.
CVE-2014-9805	1 Imagemagick	1 Imagemagick	2025-04-20	5.5 Medium
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file.
CVE-2014-9806	1 Imagemagick	1 Imagemagick	2025-04-20	5.5 Medium
ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file.
CVE-2014-9807	1 Imagemagick	1 Imagemagick	2025-04-20	5.5 Medium
The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors.

« first previous Page 19 of 37. next last »