Imagemagick CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (665 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2017-12654	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-14624	2 Canonical, Imagemagick	2 Ubuntu Linux, Imagemagick	2025-04-20	N/A
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.
CVE-2014-9833	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file.
CVE-2017-9501	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file.
CVE-2014-9805	1 Imagemagick	1 Imagemagick	2025-04-20	5.5 Medium
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file.
CVE-2017-9499	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to cause a denial of service via a crafted file.
CVE-2014-9832	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file.
CVE-2017-14739	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors.
CVE-2017-12641	1 Imagemagick	1 Imagemagick	2025-04-20	8.8 High
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadOneJNGImage in coders\png.c.
CVE-2014-9915	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM profile.
CVE-2017-5507	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	7.5 High
Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.
CVE-2017-12140	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consumption via a crafted DCM file.
CVE-2017-17499	3 Canonical, Debian, Imagemagick	3 Ubuntu Linux, Debian Linux, Imagemagick	2025-04-20	9.8 Critical
ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.
CVE-2017-5510	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	7.8 High
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
CVE-2017-6501	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference.
CVE-2017-9262	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2016-10049	1 Imagemagick	1 Imagemagick	2025-04-20	7.8 High
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
CVE-2016-10047	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMagick before 6.9.4-7 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML file.
CVE-2017-11529	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2014-9806	1 Imagemagick	1 Imagemagick	2025-04-20	5.5 Medium
ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file.

« first previous Page 16 of 34. next last »