Lucene search
+L

5 matches found

bdu_fstec
bdu_fstec
added 2025/10/10 12:0 a.m.2 views

The vulnerability of the SeekBlob() and WriteBlob() functions in the console-based image editing tool ImageMagick allows a hacker to execute arbitrary code.

The vulnerability of the SeekBlob and WriteBlob functions in the console-based image editing tool ImageMagick is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS6.2AI score0.00274EPSS
Exploits1References16Affected Software7
osv
osv
added 2025/09/12 2:24 p.m.3 views

OESA-2025-2248 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

9.8CVSS6.8AI score0.00274EPSS
Exploits1References2
osv
osv
added 2025/09/12 2:24 p.m.5 views

OESA-2025-2245 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

9.8CVSS6.8AI score0.00274EPSS
Exploits1References2
osv
osv
added 2025/09/05 9:16 p.m.3 views

CVE-2025-57807 ImageMagick BlobStream Forward-Seek Under-Allocation

ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include insecure functions: SeekBlob, which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBlob, which then expan...

3.8CVSS6.4AI score0.00274EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2025/09/05 12:0 a.m.14 views

PT-2025-36602

Reporter: Lumina Mescuwa Product: ImageMagick 7 MagickCore Component: MagickCore/blob.c Blob I/O - BlobStream Tested: 7.1.2-0 source tag and 7.1.2-1 Homebrew, macOS arm64, clang-17, Q16-HDRI Impact: Heap out-of-bounds WRITE attacker-controlled bytes at attacker-chosen offset → memory corruption;...

3.8CVSS7.9AI score
Exploits0References4
Rows per page
Query Builder