Export limit exceeded: 343925 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (726 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1275 | 3 Graphicsmagick, Imagemagick, Redhat | 3 Graphicsmagick, Imagemagick, Enterprise Linux | 2025-04-03 | N/A |
| Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value. | ||||
| CVE-2005-3582 | 1 Imagemagick | 1 Imagemagick | 2025-04-03 | N/A |
| ImageMagick before 6.2.4.2-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime. | ||||
| CVE-2005-4601 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2025-04-03 | N/A |
| The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command. | ||||
| CVE-2006-0082 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2025-04-03 | N/A |
| Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program. | ||||
| CVE-2006-2440 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2025-04-03 | N/A |
| Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function. | ||||
| CVE-2006-3743 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2025-04-03 | N/A |
| Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images. | ||||
| CVE-2006-3744 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2025-04-03 | N/A |
| Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows. | ||||
| CVE-2006-4144 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2025-04-03 | N/A |
| Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow. | ||||
| CVE-2003-0555 | 1 Imagemagick | 1 Imagemagick | 2025-04-03 | N/A |
| ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a "%x" filename, possibly triggering a format string vulnerability. | ||||
| CVE-2022-44268 | 1 Imagemagick | 1 Imagemagick | 2025-03-26 | 6.5 Medium |
| ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it). | ||||
| CVE-2022-44267 | 1 Imagemagick | 1 Imagemagick | 2025-03-26 | 6.5 Medium |
| ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input. | ||||
| CVE-2023-1906 | 2 Fedoraproject, Imagemagick | 3 Extra Packages For Enterprise Linux, Fedora, Imagemagick | 2025-02-10 | 5.5 Medium |
| A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service. | ||||
| CVE-2023-34152 | 3 Fedoraproject, Imagemagick, Redhat | 4 Extra Packages For Enterprise Linux, Fedora, Imagemagick and 1 more | 2025-01-13 | 9.8 Critical |
| A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured. | ||||
| CVE-2023-2157 | 1 Imagemagick | 1 Imagemagick | 2025-01-07 | 5.5 Medium |
| A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the application crashing. | ||||
| CVE-2023-34475 | 2 Fedoraproject, Imagemagick | 3 Extra Packages For Enterprise Linux, Fedora, Imagemagick | 2024-12-03 | 5.5 Medium |
| A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could trick user to open a specially crafted file to convert, triggering an heap-use-after-free write error, allowing an application to crash, resulting in a denial of service. | ||||
| CVE-2023-3195 | 2 Fedoraproject, Imagemagick | 3 Extra Packages For Enterprise Linux, Fedora, Imagemagick | 2024-12-03 | 5.5 Medium |
| A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of service. | ||||
| CVE-2023-34151 | 4 Debian, Fedoraproject, Imagemagick and 1 more | 5 Debian Linux, Extra Packages For Enterprise Linux, Fedora and 2 more | 2024-12-02 | 5.5 Medium |
| A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546). | ||||
| CVE-2023-39978 | 2 Fedoraproject, Imagemagick | 2 Fedora, Imagemagick | 2024-11-27 | 3.3 Low |
| ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw. | ||||
| CVE-2023-34474 | 2 Fedoraproject, Imagemagick | 3 Extra Packages For Enterprise Linux, Fedora, Imagemagick | 2024-11-21 | 5.5 Medium |
| A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker could trick the user in opening specially crafted file, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service. | ||||
| CVE-2023-1289 | 3 Fedoraproject, Imagemagick, Redhat | 4 Extra Packages For Enterprise Linux, Fedora, Imagemagick and 1 more | 2024-11-21 | 5.5 Medium |
| A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of service. When ImageMagick crashes, it generates a lot of trash files. These trash files can be large if the SVG file contains many render actions. In a denial of service attack, if a remote attacker uploads an SVG file of size t, ImageMagick generates files of size 103*t. If an attacker uploads a 100M SVG, the server will generate about 10G. | ||||