Imagemagick

imagemagick

Vendor: Imagemagick • 767 CVEs

CVEs (767)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2007-4987 1Imagemagick 1Imagemagick Apr 23, 2026 Sep 24, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' characte...Show more Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address.Show less
CVE-2007-4986 1Imagemagick 1Imagemagick Apr 23, 2026 Sep 24, 2007 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execute arbitrary code via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5) .xwd image file, which triggers a heap-bas...Show more Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execute arbitrary code via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5) .xwd image file, which triggers a heap-based buffer overflow.Show less
CVE-2007-4985 1Imagemagick 1Imagemagick Apr 23, 2026 Sep 24, 2007 N/A· v4 N/A· v3 4.3 MEDIUM· v2 ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls;...Show more ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls.Show less
CVE-2007-1797 1Imagemagick 1Imagemagick Apr 23, 2026 Apr 2, 2007 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) c...Show more Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues than CVE-2007-1667.Show less
CVE-2007-0770 2Graphicsmagick Imagemagick 2Graphicsmagick Imagemagick Apr 23, 2026 Feb 12, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage...Show more Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: this issue is due to an incomplete patch for CVE-2006-5456.Show less
CVE-2006-5868 3Canonical DebianImagemagick 3Debian Linux ImagemagickUbuntu Linux Apr 23, 2026 Nov 22, 2006 N/A· v4 N/A· v3 9.3 HIGH· v2 Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.
CVE-2006-5456 2Graphicsmagick Imagemagick 2Graphicsmagick Imagemagick Apr 23, 2026 Oct 23, 2006 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handl...Show more Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.Show less
CVE-2006-3744 1Imagemagick 1Imagemagick Apr 16, 2026 Aug 25, 2006 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows.
CVE-2006-3743 1Imagemagick 1Imagemagick Apr 16, 2026 Aug 25, 2006 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images.
CVE-2006-4144 1Imagemagick 1Imagemagick Apr 16, 2026 Aug 15, 2006 N/A· v4 N/A· v3 2.6 LOW· v2 Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2...Show more Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow.Show less
CVE-2006-2440 1Imagemagick 1Imagemagick Apr 16, 2026 May 18, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the Expan...Show more Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function.Show less
CVE-2006-0082 1Imagemagick 1Imagemagick Apr 16, 2026 Jan 4, 2006 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute a...Show more Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program.Show less
CVE-2005-4601 1Imagemagick 1Imagemagick Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command.
CVE-2005-3582 1Imagemagick 1Imagemagick Apr 16, 2026 Nov 16, 2005 N/A· v4 N/A· v3 7.2 HIGH· v2 ImageMagick before 6.2.4.2-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be lo...Show more ImageMagick before 6.2.4.2-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime.Show less
CVE-2005-1739 2Graphicsmagick Imagemagick 2Graphicsmagick Imagemagick Apr 16, 2026 May 24, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask.
CVE-2005-0762 1Imagemagick 1Imagemagick Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows remote attackers to execute arbitrary code via a crafted SGI image file.
CVE-2005-0760 1Imagemagick 1Imagemagick Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file.
CVE-2005-0397 1Imagemagick 1Imagemagick Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via forma...Show more Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by other web applications.Show less
CVE-2005-0005 6Debian GentooGraphicsmagick+3 more 6Debian Linux GraphicsmagickImagemagick+3 more Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.
CVE-2005-1275 2Graphicsmagick Imagemagick 2Graphicsmagick Imagemagick Apr 16, 2026 Apr 25, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value.

Previous 1...35 36 373839 Next