Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017560)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017560 advisory. in SetImageExtent of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does no...

CVE-2025-5058

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the setimage function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the...

WordPress plugin eMagicOne Store Manager for WooCommerce 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

SUSE CVE-2020-25663

A call to ConformPixelInfo in the SetImageAlphaChannel routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed or GetPixelBlue was called. This could occur if an attacker is able to submit a malicious image file to be processed by...

SUSE CVE-2020-27755

in SetImageExtent of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size. The patch resets the depth to a proper size before throwing an exception. Th...

DEBIAN-CVE-2016-5688

The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger 1 a heap-based buffer overflow in the SetPixelIndex function or an invali...

ALPINE-CVE-2016-5688

The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger 1 a heap-based buffer overflow in the SetPixelIndex function or an invali...

security flaw

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name...