Imagemagick CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (740 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2017-8355	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9144	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	6.5 Medium
In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c.
CVE-2016-7539	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
CVE-2017-8346	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-5, the ReadDCMImage function in dcm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2014-9848	4 Canonical, Imagemagick, Opensuse and 1 more	10 Ubuntu Linux, Imagemagick, Leap and 7 more	2025-04-20	7.5 High
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
CVE-2016-7538	1 Imagemagick	1 Imagemagick	2025-04-20	6.5 Medium
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
CVE-2017-7942	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
CVE-2017-8347	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-7606	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
CVE-2017-8344	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2016-7799	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	6.5 Medium
MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVE-2014-9852	3 Imagemagick, Opensuse, Suse	7 Imagemagick, Leap, Opensuse and 4 more	2025-04-20	9.8 Critical
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.
CVE-2016-7906	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	5.5 Medium
magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file.
CVE-2017-8343	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.5-5, the ReadAAIImage function in aai.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2016-8678	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says "This is a Q64 issue and we do not support Q64."
CVE-2017-5506	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2025-04-20	7.8 High
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
CVE-2017-5508	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.
CVE-2017-5509	1 Imagemagick	1 Imagemagick	2025-04-20	7.8 High
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
CVE-2016-7537	1 Imagemagick	1 Imagemagick	2025-04-20	6.5 Medium
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.
CVE-2017-7619	1 Imagemagick	1 Imagemagick	2025-04-20	N/A
In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv.

« first previous Page 16 of 37. next last »