CVE-2025-24293

Active Storage allowed transformation methods potentially unsafe Active Storage attempts to prevent the use of potentially unsafe image transformation methods and parameters by default. The default allowed list contains three methods allow for the circumvention of the safe defaults which enables...

CVE-2025-24293

Active Storage allowed transformation methods potentially unsafe Active Storage attempts to prevent the use of potentially unsafe image transformation methods and parameters by default. The default allowed list contains three methods allow for the circumvention of the safe defaults which enables...

ROS-20260129-73-0022

Vulnerability in ImageMagick related to an operation exceeding buffer boundaries in memory. The vulnerability can be exploited remotely...

GHSA-9VJ4-WC7R-P844 vulnerabilities

Vulnerabilities for packages: imagemagick...

Important: Red Hat Security Advisory: php:8.2 security update

An update for the php:8.2 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

PHPGurukul News Portal Code Issues and Vulnerabilities

PHPGurukul News Portal is a news portal website operated by PHPGurukul Corporation. Version 1.0 of PHPGurukul News Portal has code vulnerabilities; these vulnerabilities stem from the unlimited uploading feature in the profile image processing component...

ImageMagick code vulnerabilities

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 14.10.1 have code vulnerabilities that stem from issues with the MSL parser, particularly when handling...

NULL Pointer Dereference

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

NULL Pointer Dereference

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

NULL Pointer Dereference

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Release of Invalid Pointer or Reference

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

CVE-2026-23876

A flaw was found in ImageMagick. A heap buffer overflow, a type of memory corruption, in the XBM image decoder ReadXBMImage allows a remote attacker to write controlled data beyond the allocated memory buffer when processing a maliciously crafted image file. This can lead to arbitrary code...

DEBIAN-CVE-2026-23876

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-13 and 6.9.13-38, a heap buffer overflow vulnerability in the XBM image decoder ReadXBMImage allows an attacker to write controlled data past the allocated heap buffer when...

CVE-2026-23876

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-13 and 6.9.13-38, a heap buffer overflow vulnerability in the XBM image decoder ReadXBMImage allows an attacker to write controlled data past the allocated heap buffer when...

Integer Overflow or Wraparound

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the ReadXBMImage function. An attacker can execute arbitrary code, cause a denial of service, or access sensitive information by submitting a specially crafted XBM image file for processing. Workaround...

CVE-2026-23876

CVE-2026-23876 – ImageMagick heap buffer overflow (ReadXBMImage) Affected software: ImageMagick versions prior to 7.1.2-13 and 6.9.13-38.Root cause: heap buffer overflow in the XBM image decoder during processing of crafted images.Impact: attacker can write data past the allocated heap buffer, po...

Infinite loop

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

Infinite loop

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

Release of Invalid Pointer or Reference

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...