Lucene search
+L

151 matches found

snyk
snyk
added 2026/07/01 9:19 p.m.3 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

7.1CVSS6AI score0.0009EPSS
Exploits0References2
nvd
nvd
added 2026/07/01 7:16 p.m.6 views

CVE-2026-55595

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the connected-components option an infinite loop will occur. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26...

4.7CVSS0.0009EPSS
Exploits0References1
osv
osv
added 2026/07/01 7:16 p.m.2 views

UBUNTU-CVE-2026-55595

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the connected-components option an infinite loop will occur. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26...

4.7CVSS5.7AI score0.0009EPSS
Exploits0References3
cvelist
cvelist
added 2026/07/01 7:0 p.m.40 views

CVE-2026-55595 ImageMagick: Infinite Loop in connected-components when providing invalid arguments

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the connected-components option an infinite loop will occur. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26...

4.7CVSS0.0009EPSS
Exploits0References1
osv
osv
added 2026/07/01 7:0 p.m.4 views

CVE-2026-55595 ImageMagick: Infinite Loop in connected-components when providing invalid arguments

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the connected-components option an infinite loop will occur. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26...

4.7CVSS5.9AI score0.0009EPSS
Exploits0References3
cve
cve
added 2026/07/01 7:0 p.m.61 views

CVE-2026-55595

ImageMagick is affected by a vulnerability in the connected-components option. Prior to versions 6.9.13-51 and 7.1.2-26, providing invalid arguments to this option can cause an infinite loop (local attack vector, high availability impact) as described in the CVE notes. The issue has been fixed in...

4.7CVSS5.8AI score0.0009EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2026/07/01 12:0 a.m.5 views

PT-2026-54855

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.13-51 ImageMagick versions prior to 7.1.2-26 Description An infinite loop occurs when invalid arguments are provided to the connected-components option. Recommendations Update to version 6.9.13-51. Update to...

9.1CVSS6AI score0.01849EPSS
Exploits4References105
redhatcve
redhatcve
added 2026/06/26 12:27 p.m.7 views

CVE-2026-56370

An out-of-bounds access vulnerability exists in ImageMagick's ConnectedComponentsImage function. By passing malformed connected-components definitions through the CLI, an attacker can cause a denial of service or potentially execute arbitrary code. Mitigation Prevent the injection of malformed...

7.8CVSS6.2AI score0.00121EPSS
Exploits0References5
susecve
susecve
added 2026/06/25 2:19 a.m.5 views

SUSE CVE-2026-56370

ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of...

7.8CVSS6AI score0.00121EPSS
Exploits0References4
nessus
nessus
added 2026/06/25 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-56370

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage when processing connected-components artifacts with inval...

7.8CVSS6.2AI score0.00121EPSS
Exploits0References2
nvd
nvd
added 2026/06/24 1:16 p.m.12 views

CVE-2026-56370

ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of...

7.8CVSS0.00121EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/24 11:53 a.m.6 views

CVE-2026-56370

ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of...

7.8CVSS6AI score0.00121EPSS
Exploits0References3
cve
cve
added 2026/06/24 11:53 a.m.18 views

CVE-2026-56370

ImageMagick: CVE-2026-56370 is an out-of-bounds access vuln in ConnectedComponentsImage() when handling malformed connected-components artifacts, affecting ImageMagick before version 7.1.2-19. An invalid indices scenario via CLI can trigger access violations, potentially causing denial of service...

7.8CVSS6AI score0.00121EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/06/24 11:53 a.m.40 views

CVE-2026-56370 ImageMagick - Out-of-bounds Access in ConnectedComponentsImage via connected-components Artifact

ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of...

4.8CVSS0.00121EPSS
Exploits0References2
euvd
euvd
added 2026/06/24 11:53 a.m.14 views

EUVD-2026-38756

ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of...

4.8CVSS6AI score0.00121EPSS
Exploits0References2
osv
osv
added 2026/06/24 11:53 a.m.3 views

CVE-2026-56370 ImageMagick - Out-of-bounds Access in ConnectedComponentsImage via connected-components Artifact

ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of...

4.8CVSS6AI score0.00121EPSS
Exploits0References4
osv
osv
added 2026/06/23 1:25 p.m.2 views

SUSE-SU-2026:2580-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues This update for ImageMagick fixes the following issues - CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing bsc1262154. - CVE-2026-33900: Denial of Service via integer truncation in viff encoder bsc1262156. -...

7.5CVSS6.1AI score0.01849EPSS
Exploits4References59
nessus
nessus
added 2026/06/22 12:0 a.m.20 views

Amazon Linux 2023 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2023-2026-1826)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1826 advisory. When writing an IPTC output file a malicious input file could cause an out of bounds read of a single byte. as per:...

7.5CVSS6.7AI score0.01849EPSS
Exploits4References32
susecve
susecve
added 2026/06/12 2:26 a.m.9 views

SUSE CVE-2026-45359

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

5.7CVSS5.4AI score0.00122EPSS
Exploits0References4
redhatcve
redhatcve
added 2026/06/10 11:33 p.m.10 views

CVE-2026-45359

A flaw was found in ImageMagick. A local attacker could exploit this vulnerability by providing an invalid 'connected-components:keep-top' value during image processing. This could lead to a heap buffer over-read, potentially resulting in information disclosure or a denial of service DoS...

7.1CVSS5.2AI score0.00122EPSS
Exploits0References4
Rows per page
Query Builder