Imagemagick CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (727 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2017-17880	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBP_DECODER_ABI_VERSION check.
CVE-2017-17883	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPGXImage in coders/pgx.c, which allows attackers to cause a denial of service via a crafted PGX image file.
CVE-2017-17884	2 Canonical, Imagemagick	2 Ubuntu Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file.
CVE-2017-17885	2 Canonical, Imagemagick	2 Ubuntu Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file.
CVE-2017-17499	3 Canonical, Debian, Imagemagick	3 Ubuntu Linux, Debian Linux, Imagemagick	2025-04-20	9.8 Critical
ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.
CVE-2014-9831	1 Imagemagick	1 Imagemagick	2025-04-20	8.8 High
coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file.
CVE-2017-17504	3 Canonical, Debian, Imagemagick	3 Ubuntu Linux, Debian Linux, Imagemagick	2025-04-20	6.5 Medium
ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.
CVE-2014-9830	1 Imagemagick	1 Imagemagick	2025-04-20	8.8 High
coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file.
CVE-2016-5239	2 Imagemagick, Redhat	2 Imagemagick, Enterprise Linux	2025-04-20	N/A
The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors.
CVE-2017-14739	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors.
CVE-2017-17680	2 Canonical, Imagemagick	2 Ubuntu Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file.
CVE-2014-9829	1 Imagemagick	1 Imagemagick	2025-04-20	6.5 Medium
coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file.
CVE-2016-5010	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file.
CVE-2017-15218	2 Canonical, Imagemagick	2 Ubuntu Linux, Imagemagick	2025-04-20	N/A
ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.
CVE-2017-13768	3 Canonical, Debian, Imagemagick	3 Ubuntu Linux, Debian Linux, Imagemagick	2025-04-20	6.5 Medium
Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file.
CVE-2014-9826	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files.
CVE-2017-14741	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service (infinite loop) via a crafted font file.
CVE-2017-15281	2 Canonical, Imagemagick	2 Ubuntu Linux, Imagemagick	2025-04-20	N/A
ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised value(s)."
CVE-2017-17681	2 Canonical, Imagemagick	2 Ubuntu Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file.
CVE-2014-9825	1 Imagemagick	1 Imagemagick	2025-04-20	7.8 High
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824.

« first previous Page 15 of 37. next last »