Imagemagick Security Vulnerabilities

CVE-2016-7538

coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted...

CVE-2014-9907

coders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS...

CVE-2016-7522

The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD...

CVE-2016-7529

coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF...

CVE-2016-7531

MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB...

CVE-2016-7533

The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG...

CVE-2016-7515

The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of...

CVE-2016-7519

The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted...

CVE-2016-7528

The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF...

CVE-2016-7537

MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB...

CVE-2017-7941

The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted...

CVE-2017-7943

The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted...

CVE-2017-7942

The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted...

CVE-2014-8354

The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image...

CVE-2014-8716

The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and...

CVE-2014-8562

DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds...

CVE-2014-9837

coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png...

CVE-2014-8355

PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds...

CVE-2017-7619

In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and...

CVE-2017-7606

coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted...

CVE-2014-9829

coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun...

CVE-2014-9817

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb...

CVE-2014-9825

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than...

CVE-2014-9805

ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm...

CVE-2014-9813

ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff...

CVE-2014-9814

ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg...

CVE-2014-9821

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm...

CVE-2014-9806

ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted...

CVE-2014-9810

The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx...

CVE-2014-9811

The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd...

CVE-2014-9816

ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff...

CVE-2014-9819

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than...

CVE-2014-9820

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm...

CVE-2014-9822

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum...

CVE-2014-9808

ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc...

CVE-2014-9809

ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd...

CVE-2014-9812

ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps...

CVE-2014-9818

ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun...

CVE-2014-9823

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than...

CVE-2014-9824

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than...

CVE-2014-9826

ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun...

CVE-2014-9804

vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to "too many...

CVE-2014-9807

The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified...

CVE-2014-9815

ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg...

CVE-2017-7275

The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and...

CVE-2017-5506

Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted...

CVE-2017-5509

coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds...

CVE-2017-5507

Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel...

CVE-2017-5508

Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF...

CVE-2017-5510

coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds...