107 matches found
CVE-2026-56374
A heap buffer overflow vulnerability exists in ImageMagick and Magick.NET's FTXT encoder due to missing boundary checks for the ftxt:format parameter. A remote attacker could exploit this using a specially crafted FTXT image to cause a denial of service or disclose sensitive information. Mitigati...
Linux Distros Unpatched Vulnerability : CVE-2026-55577
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a heap buffer overflow...
Linux Distros Unpatched Vulnerability : CVE-2026-56369
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploi...
CVE-2026-56377
ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. Remote attackers can bypass path policy restrictions in sandboxed conversion services to write arbitrary files outside intended boundaries...
Linux Distros Unpatched Vulnerability : CVE-2026-56376
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-15 and 6.9.13-40 contains a heap use-after-free in the meta coder: when memory allocation fails, a single byte is written to a stale...
Linux Distros Unpatched Vulnerability : CVE-2026-56371
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-15 and 6.9.13-40 contains a memory leak in coders/txt.c when processing TXT files with texture attributes: the texture object allocated...
Linux Distros Unpatched Vulnerability : CVE-2026-56368
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not properly freed...
Astra Linux – Vulnerability in imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Before versions 7.1.2-16 and 6.9.13-41, there was a vulnerability where a memory allocation failure in the sixel encoder could lead to writing beyond the end of a buffer on the stack. This vulnerability...
Astra Linux – Vulnerability in imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, there was a heap buffer over-read vulnerability in multiple raw image format handles. This vulnerability occurred when processing images with -extract dimension...
Astra Linux – Vulnerability in imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, when temporary file creation failed, readinfo was destroyed before its filename member could be accessed, resulting in a NULL pointer dereference and system...
Out-of-bounds Write
Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Use After Free
Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
CVE-2026-46523
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, a crafted MSL image can trigger a heap-use-after-free. Versions 7.1.2.23 and 6.9.13-48 fix the issue...
Linux Distros Unpatched Vulnerability : CVE-2026-45359
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid...
Linux Distros Unpatched Vulnerability : CVE-2026-45664
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing...
Astra Linux – Vulnerability in imagemagick
The WriteOnePNGImage function from coders/png.c the PNG encoder contains a for loop with an improper exit condition that may lead to an out-of-bounds READ operation due to a heap-buffer-overflow issue. This occurs because it is possible for the colormap to have fewer than 256 valid values, and th...
Infinite loop
Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
Uncontrolled Recursion
Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017620)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017620 advisory. A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined...
Linux Distros Unpatched Vulnerability : CVE-2026-33905
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the -sample...