2033 matches found
EUVD-2025-205813
ImageMagick's failure to limit the depth of SVG file reads caused a DoS attack...
CVE-2025-68950
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file wi...
CVE-2025-68950
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file wi...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the WriteSVGImage function. An attacker can cause the application to crash or become unavailable by submitting a malicious MVG file that triggers an integer overflow and subsequent buffer overflow durin...
Integer Overflow or Wraparound
Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
CVE-2025-69204 ImageMagick converting a malicious MVG file to SVG caused an integer overflow.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, in the WriteSVGImage function, using an int variable to store numberattributes caused an integer overflow. This, in turn, triggered a buffer overflow and caused a DoS attack...
Integer Overflow or Wraparound
Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...
Integer Overflow or Wraparound
Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Integer Overflow or Wraparound
Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
CVE-2025-68950 Magick's failure to limit MVG mutual references forming a loop
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file wi...
CVE-2025-68950
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file wi...
CVE-2025-68950 Magick's failure to limit MVG mutual references forming a loop
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file wi...
CVE-2025-68950
ImageMagick (affected component: MVG handling) is vulnerable to a DoS due to Magick failing to detect circular references between two MVGs, causing a stack overflow when reading an MVG file. The issue is fixed in version 7.1.2-12; upgrade to 7.1.2-12 or later to remediate.
CVE-2025-68618 Magick's failure to limit the depth of SVG file reads caused a DoS attack.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, using Magick to read a malicious SVG file resulted in a DoS attack. Version 7.1.2-12 fixes the issue...
CVE-2025-68618
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, using Magick to read a malicious SVG file resulted in a DoS attack. Version 7.1.2-12 fixes the issue...
CVE-2025-68618 Magick's failure to limit the depth of SVG file reads caused a DoS attack.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, using Magick to read a malicious SVG file resulted in a DoS attack. Version 7.1.2-12 fixes the issue...
CVE-2025-68618 Magick's failure to limit the depth of SVG file reads caused a DoS attack.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, using Magick to read a malicious SVG file resulted in a DoS attack. Version 7.1.2-12 fixes the issue...
ImageMagick 安全漏洞
ImageMagick is a suite of open source image processing software from ImageMagick Open Source. It can read, convert or write images in many formats. A security vulnerability exists in versions prior to ImageMagick 7.1.2-12 that stems from unchecked circular references between two MVGs, which could...
Stored XSS
Overview Affected versions of this package are vulnerable to Stored XSS due to insufficient sanitization of interactive attributes in GraphViz diagrams. As a result, a crafted PlantUML diagram can inject malicious JavaScript into generated SVG output, leading to arbitrary script execution in the...
CVE-2025-65790
A reflected cross-site scripting XSS vulnerability exists in FuguHub 8.1 when serving SVG files through the /fs/ file manager interface. FuguHub does not sanitize or restrict script execution inside SVG content. When a victim opens a crafted SVG containing an inline element, the browser executes...