Imagemagick CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (661 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2017-14224	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service or code execution via a crafted file.
CVE-2017-11141	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call.
CVE-2016-7534	1 Imagemagick	1 Imagemagick	2025-04-20	6.5 Medium
The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file.
CVE-2017-11447	1 Imagemagick	1 Imagemagick	2025-04-20	6.5 Medium
The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service.
CVE-2017-11525	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
CVE-2017-11530	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
CVE-2016-7535	1 Imagemagick	1 Imagemagick	2025-04-20	6.5 Medium
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file.
CVE-2017-11538	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteOnePNGImage() function in coders/png.c.
CVE-2017-11540	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex() function, called from the WritePICONImage function in coders/xpm.c.
CVE-2016-9773	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9556.
CVE-2017-5511	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	9.8 Critical
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.
CVE-2016-7533	1 Imagemagick	1 Imagemagick	2025-04-20	6.5 Medium
The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG file.
CVE-2017-12666	1 Imagemagick	1 Imagemagick	2025-04-20	8.8 High
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteINLINEImage in coders/inline.c.
CVE-2014-9819	1 Imagemagick	1 Imagemagick	2025-04-20	7.8 High
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823.
CVE-2016-9556	3 Debian, Imagemagick, Opensuse Project	3 Debian Linux, Imagemagick, Leap	2025-04-20	N/A
The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file.
CVE-2017-7942	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
CVE-2014-9837	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.
CVE-2014-9839	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access).
CVE-2014-9845	5 Canonical, Imagemagick, Opensuse and 2 more	11 Ubuntu Linux, Imagemagick, Leap and 8 more	2025-04-20	N/A
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.
CVE-2017-14139	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in coders/msl.c.

« first previous Page 5 of 34. next last »