Lucene search
K

5 matches found

OSV
OSV
added 2026/06/30 11:17 p.m.4 views

DEBIAN-CVE-2026-56364

ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark function when parsing malformed OpenCL device profile XML files with unclosed device elements. Attackers with write access to the OpenCL cache directory can place malicious XML files to exhaust memory an...

1.8CVSS5.8AI score0.00123EPSS
Exploits1References1
Veracode
Veracode
added 2026/01/29 11:57 a.m.7 views

Memory Leak

ImageMagick is vulnerable to a memory leak. The vulnerability is due to improper handling of malformed OpenCL device profile XML files in the LoadOpenCLDeviceBenchmark function, which fails to free allocated string memory when elements are not properly closed, allowing an attacker to trigger memo...

5.9AI score
Exploits0
Snyk
Snyk
added 2026/01/21 1:6 a.m.8 views

Release of Invalid Pointer or Reference

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

8.3CVSS5.6AI score
Exploits0References2
Snyk
Snyk
added 2026/01/21 1:6 a.m.9 views

Release of Invalid Pointer or Reference

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.3CVSS5.6AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/01/21 1:6 a.m.10 views

ImageMagick has a Memory Leak in LoadOpenCLDeviceBenchmark() when parsing malformed XML

Summary A memory leak vulnerability exists in the LoadOpenCLDeviceBenchmark function in MagickCore/opencl.c. When parsing a malformed OpenCL device profile XML file that contains closing tags, the function fails to release allocated memory for string members platformname, vendorname, name, versio...

5.7AI score
Exploits0References3Affected Software19
Rows per page
Query Builder