Imagemagick

Vendor: Imagemagick • 767 CVEs

CVEs (767)

CVE | VENDORS | PRODUCTS | UPDATED | PUBLISHED | CVSS

Vendors (2): Debian, Imagemagick
Products (2): Debian Linux, Imagemagick
Updated: May 13, 2026
Published: Feb 15, 2017
CVSS: N/A (v4), 8.8 HIGH (v3), 6.8 MEDIUM (v2)
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.

Vendors (1): Imagemagick
Products (1): Imagemagick
Updated: May 13, 2026
Published: Jan 27, 2017
CVSS: N/A (v4), 5.5 MEDIUM (v3), 4.3 MEDIUM (v2)
Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted image.

Vendors (2): Debian, Imagemagick
Products (2): Debian Linux, Imagemagick
Updated: May 13, 2026
Published: Jan 18, 2017
CVSS: N/A (v4), 5.5 MEDIUM (v3), 4.3 MEDIUM (v2)
magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file.

Vendors (2): Debian, Imagemagick
Products (2): Debian Linux, Imagemagick
Updated: May 13, 2026
Published: Jan 18, 2017
CVSS: N/A (v4), 6.5 MEDIUM (v3), 4.3 MEDIUM (v2)
MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.

Vendors (1): Imagemagick
Products (1): Imagemagick
Updated: May 13, 2026
Published: Jan 18, 2017
CVSS: N/A (v4), 6.5 MEDIUM (v3), 4.3 MEDIUM (v2)
The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file.

Vendors (1): Imagemagick
Products (1): Imagemagick
Updated: May 13, 2026
Published: Jan 18, 2017
CVSS: N/A (v4), 7.5 HIGH (v3), 5.0 MEDIUM (v2)
Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write.

Vendors (2): Debian, Imagemagick
Products (2): Debian Linux, Imagemagick
Updated: May 6, 2026
Published: Dec 23, 2016
CVSS: N/A (v4), 7.8 HIGH (v3), 6.8 MEDIUM (v2)
An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagick's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality.

Vendors (1): Imagemagick
Products (1): Imagemagick
Updated: May 6, 2026
Published: Dec 13, 2016
CVSS: N/A (v4), 9.1 CRITICAL (v3), 6.4 MEDIUM (v2)
Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to have unspecified impact via vectors related to pixel cache morphology.

Vendors (2): Imagemagick, Oracle
Products (2): Imagemagick, Solaris
Updated: May 6, 2026
Published: Dec 13, 2016
CVSS: N/A (v4), 8.8 HIGH (v3), 6.8 MEDIUM (v2)
Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image.

Vendors (2): Imagemagick, Oracle
Products (2): Imagemagick, Solaris
Updated: May 6, 2026
Published: Dec 13, 2016
CVSS: N/A (v4), 7.5 HIGH (v3), 5.0 MEDIUM (v2)
MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.

Vendors (2): Imagemagick, Oracle
Products (2): Imagemagick, Solaris
Updated: May 6, 2026
Published: Dec 13, 2016
CVSS: N/A (v4), 9.8 CRITICAL (v3), 7.5 HIGH (v2)
Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable.

Vendors (2): Imagemagick, Oracle
Products (2): Imagemagick, Solaris
Updated: May 6, 2026
Published: Dec 13, 2016
CVSS: N/A (v4), 9.8 CRITICAL (v3), 7.5 HIGH (v2)
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue.

Vendors (2): Imagemagick, Oracle
Products (2): Imagemagick, Solaris
Updated: May 6, 2026
Published: Dec 13, 2016
CVSS: N/A (v4), 9.8 CRITICAL (v3), 7.5 HIGH (v2)
The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.

Vendors (2): Imagemagick, Oracle
Products (2): Imagemagick, Solaris
Updated: May 6, 2026
Published: Dec 13, 2016
CVSS: N/A (v4), 9.8 CRITICAL (v3), 7.5 HIGH (v2)
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.

Vendors (2): Imagemagick, Oracle
Products (2): Imagemagick, Solaris
Updated: May 6, 2026
Published: Dec 13, 2016
CVSS: N/A (v4), 8.1 HIGH (v3), 6.8 MEDIUM (v2)
The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.

Vendors (2): Imagemagick, Oracle
Products (2): Imagemagick, Solaris
Updated: May 6, 2026
Published: Dec 13, 2016
CVSS: N/A (v4), 9.8 CRITICAL (v3), 7.5 HIGH (v2)
The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read.

Vendors (7): Canonical, Debian, Graphicsmagick, +4 more
Products (14): Debian Linux, Graphicsmagick, Imagemagick, +11 more
Updated: May 6, 2026
Published: Jun 10, 2016
CVSS: N/A (v4), 9.8 CRITICAL (v3), 10.0 HIGH (v2)
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.

Vendors (1): Imagemagick
Products (1): Imagemagick
Updated: May 6, 2026
Published: Jun 4, 2016
CVSS: N/A (v4), 9.8 CRITICAL (v3), 7.5 HIGH (v2)
The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.

Vendors (1): Imagemagick
Products (1): Imagemagick
Updated: May 6, 2026
Published: Jun 4, 2016
CVSS: N/A (v4), 8.8 HIGH (v3), 6.8 MEDIUM (v2)
The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.

Vendors (1): Imagemagick
Products (1): Imagemagick
Updated: May 6, 2026
Published: Jun 4, 2016
CVSS: N/A (v4), 8.8 HIGH (v3), 6.8 MEDIUM (v2)
The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.