Imagemagick CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (702 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2017-9098	3 Debian, Graphicsmagick, Imagemagick	3 Debian Linux, Graphicsmagick, Imagemagick	2025-04-20	7.5 High
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c.
CVE-2016-7534	1 Imagemagick	1 Imagemagick	2025-04-20	6.5 Medium
The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file.
CVE-2016-10047	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMagick before 6.9.4-7 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML file.
CVE-2016-10058	1 Imagemagick	1 Imagemagick	2025-04-20	5.5 Medium
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file.
CVE-2017-9262	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-12418	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c.
CVE-2017-12427	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to cause a denial of service (memory leak) via a crafted file, related to the WriteMSLImage function.
CVE-2017-12432	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allows attackers to cause a denial of service.
CVE-2017-8765	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The function named ReadICONImage in coders\icon.c in ImageMagick 7.0.5-5 has a memory leak vulnerability which can cause memory exhaustion via a crafted ICON file.
CVE-2014-9804	1 Imagemagick	1 Imagemagick	2025-04-20	7.5 High
vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to "too many object."
CVE-2014-9807	1 Imagemagick	1 Imagemagick	2025-04-20	5.5 Medium
The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors.
CVE-2014-9812	1 Imagemagick	1 Imagemagick	2025-04-20	5.5 Medium
ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file.
CVE-2014-9814	1 Imagemagick	1 Imagemagick	2025-04-20	5.5 Medium
ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file.
CVE-2014-9816	1 Imagemagick	1 Imagemagick	2025-04-20	5.5 Medium
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file.
CVE-2014-9819	1 Imagemagick	1 Imagemagick	2025-04-20	7.8 High
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823.
CVE-2014-9822	1 Imagemagick	1 Imagemagick	2025-04-20	7.8 High
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file.
CVE-2014-9825	1 Imagemagick	1 Imagemagick	2025-04-20	7.8 High
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824.
CVE-2014-9827	1 Imagemagick	1 Imagemagick	2025-04-20	8.8 High
coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.
CVE-2014-9834	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file.
CVE-2014-9836	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file.

« first previous Page 20 of 36. next last »