Imagemagick CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (725 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2016-5239	2 Imagemagick, Redhat	2 Imagemagick, Enterprise Linux	2025-04-20	N/A
The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors.
CVE-2017-5509	1 Imagemagick	1 Imagemagick	2025-04-20	7.8 High
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
CVE-2017-12641	1 Imagemagick	1 Imagemagick	2025-04-20	8.8 High
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadOneJNGImage in coders\png.c.
CVE-2017-6497	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS).
CVE-2017-6498	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS.
CVE-2017-6499	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially crafted file creating a nested exception could lead to a memory leak (thus, a DoS).
CVE-2017-12640	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	8.8 High
ImageMagick 7.0.6-1 has an out-of-bounds read vulnerability in ReadOneMNGImage in coders/png.c.
CVE-2017-6501	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference.
CVE-2015-8901	1 Imagemagick	1 Imagemagick	2025-04-20	6.5 Medium
ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.
CVE-2016-10054	1 Imagemagick	1 Imagemagick	2025-04-20	7.8 High
Buffer overflow in the WriteMAPImage function in coders/map.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2017-7619	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv.
CVE-2017-7941	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
CVE-2017-7942	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
CVE-2017-7943	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
CVE-2017-8344	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-8345	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-5, the ReadMNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-8346	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-5, the ReadDCMImage function in dcm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-8347	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-8348	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-5, the ReadMATImage function in mat.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2015-8897	2 Imagemagick, Redhat	2 Imagemagick, Enterprise Linux	2025-04-20	N/A
The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (application crash) via a crafted png file.

« first previous Page 12 of 37. next last »