Imagemagick

imagemagick

Vendor: Imagemagick • 767 CVEs

CVEs (767)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-10066 1Imagemagick 1Imagemagick May 13, 2026 Mar 3, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Buffer overflow in the ReadVIFFImage function in coders/viff.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVE-2016-10065 2Imagemagick Opensuse 2Imagemagick Leap May 13, 2026 Mar 3, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10061 1Imagemagick 1Imagemagick May 13, 2026 Mar 3, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (crash) via a crafted image f...Show more The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (crash) via a crafted image file.Show less
CVE-2016-10071 1Imagemagick 1Imagemagick May 13, 2026 Mar 2, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.
CVE-2016-10069 2Imagemagick Opensuse Project 2Imagemagick Leap May 13, 2026 Mar 2, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames.
CVE-2016-10068 3Imagemagick OpensuseOpensuse Project 3Imagemagick LeapLeap May 13, 2026 Mar 2, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file.
CVE-2016-10067 1Imagemagick 1Imagemagick May 13, 2026 Mar 2, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving "too many exceptions," which trigger a buffer overflow.
CVE-2016-10064 2Imagemagick Opensuse 2Imagemagick Leap May 13, 2026 Mar 2, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10063 1Imagemagick 1Imagemagick May 13, 2026 Mar 2, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file, related to extend validity.
CVE-2016-10062 1Imagemagick 1Imagemagick May 13, 2026 Mar 2, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVE-2016-10060 1Imagemagick 1Imagemagick May 13, 2026 Mar 2, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (application cras...Show more The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.Show less
CVE-2016-9559 2Debian Imagemagick 2Debian Linux Imagemagick May 13, 2026 Mar 1, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.
CVE-2015-8903 1Imagemagick 1Imagemagick May 13, 2026 Feb 27, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.
CVE-2015-8902 1Imagemagick 1Imagemagick May 13, 2026 Feb 27, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.
CVE-2015-8901 1Imagemagick 1Imagemagick May 13, 2026 Feb 27, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.
CVE-2015-8900 1Imagemagick 1Imagemagick May 13, 2026 Feb 27, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file.
CVE-2016-9773 1Imagemagick 1Imagemagick May 13, 2026 Feb 17, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. NOTE:...Show more Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9556.Show less
CVE-2016-8678 1Imagemagick 1Imagemagick May 13, 2026 Feb 15, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says "This is...Show more The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says "This is a Q64 issue and we do not support Q64."Show less
CVE-2016-8677 3Debian ImagemagickOpensuse 3Debian Linux ImagemagickOpensuse May 13, 2026 Feb 15, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure.
CVE-2016-8866 2Imagemagick Opensuse 3Imagemagick LeapOpensuse May 13, 2026 Feb 15, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: thi...Show more The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862.Show less

Previous 1...343536...39 Next