29 matches found
CVE-2026-56378 ImageMagick - Heap Out-of-Bounds Read in PCD Decoder
ImageMagick before 7.1.2-15 and 6.x before 6.9.13-40 contains a heap out-of-bounds read in the PCD coder's DecodeImage loop. A crafted PCD file can trigger a one-byte heap out-of-bounds read during image decoding, resulting in denial of service and potential disclosure of an adjacent heap byte...
MGASA-2026-0117 Updated graphicsmagick packages fix security vulnerabilities
ImageMagick has a heap overflow in the pcd decoder that leads to an out of bounds read. CVE-2026-26284 ImageMagick has an Out-of-Bounds write of a zero byte in its X11 display interaction. CVE-2026-33535...
Security update for GraphicsMagick (moderate)
openSUSE security update: security update for graphicsmagick ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20536-1 Rating: moderate References: bsc1258765 Cross-References: CVE-2026-26284 CVSS scores: CVE-2026-26284 SUSE : 6.5...
OPENSUSE-SU-2026:20536-1 Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issues: - CVE-2026-26284: Heap overflow in pcd decoder leads to out of bounds read. bsc1258765...
SUSE SLES15 Security Update : GraphicsMagick (SUSE-SU-2026:1300-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1300-1 advisory. - CVE-2026-26284: heap overflow in pcd decoder leads to out of bounds read bsc1258765. - CVE-2026-28690: missing bounds check in the MNG encode...
Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issues: CVE-2026-26284: heap overflow in pcd decoder leads to out of bounds read bsc1258765. CVE-2026-28690: missing bounds check in the MNG encoder can lead to a stack buffer overflow bsc1259456. Patch Instructions: To install this SUSE update u...
CLSA-2026-1775121288 ImageMagick: Fix of 7 CVEs
CVE-2026-28494: fix stack buffer overflow in morphology kernel parsing - CVE-2026-28691: fix uninitialized pointer dereference in JBIG decoder - CVE-2026-25989: fix off-by-one boundary check in CastDoubleToLong - CVE-2026-25985: fix memory allocation without limits in SVG decoder -...
CLSA-2026-1775121601 ImageMagick: Fix of 7 CVEs
CVE-2026-28494: fix stack buffer overflow in morphology kernel parsing - CVE-2026-28691: fix uninitialized pointer dereference in JBIG decoder - CVE-2026-25989: fix off-by-one boundary check in CastDoubleToLong - CVE-2026-25985: fix memory allocation without limits in SVG decoder -...
CLSA-2026-1774999144 ImageMagick: Fix of 7 CVEs
CVE-2026-28494: fix stack buffer overflow in morphology kernel parsing - CVE-2026-28691: fix uninitialized pointer dereference in JBIG decoder - CVE-2026-25989: fix off-by-one boundary check in CastDouble functions - CVE-2026-25985: fix memory allocation without limits in SVG decoder -...
CLSA-2026-1774997937 ImageMagick: Fix of 7 CVEs
CVE-2026-28494: fix stack buffer overflow in morphology kernel parsing - CVE-2026-28691: fix uninitialized pointer dereference in JBIG decoder - CVE-2026-25989: fix off-by-one boundary check in CastDouble functions - CVE-2026-25985: fix memory allocation without limits in SVG decoder -...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : ImageMagick vulnerabilities (USN-8069-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8069-1 advisory. It was discovered that ImageMagick did not properly decode certain SUN image files. An attack...
USN-8069-1 imagemagick vulnerabilities
It was discovered that ImageMagick did not properly decode certain SUN image files. An attacker could use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2026-25897 It was discovered that ImageMagick did not properly validate pix...
USN-8069-1: ImageMagick vulnerabilities
It was discovered that ImageMagick did not properly decode certain SUN image files. An attacker could use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2026-25897 It was discovered that ImageMagick did not properly validate pix...
Incorrect Calculation of Buffer Size
Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...
CVE-2026-26284 ImageMagick has heap overflow in pcd decoder that leads to out of bounds read.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick lacks proper boundary checking when processing Huffman-coded data from PCD Photo CD files. The decoder contains an function that has an incorrect...
Incorrect Calculation of Buffer Size
Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Incorrect Calculation of Buffer Size
Overview Affected versions of this package are vulnerable to Incorrect Calculation of Buffer Size in the PCD decoder when processing Huffman-coded data. An attacker can access sensitive information or cause a denial of service by supplying a specially crafted PCD file. Workaround This vulnerabili...
Incorrect Calculation of Buffer Size
Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Incorrect Calculation of Buffer Size
Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Incorrect Calculation of Buffer Size
Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...