SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the API contact filtering due to insufficient recursive sanitization of nested query parameters. An attacker can execute arbitrary SQL commands and potentially access sensitive data or disrupt database integrity by...

Astra Linux - уязвимость в imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the InterpretImageFilename function. The issue arises from an off-by-one error that causes out-of-bounds memory access when...

Astra Linux - уязвимость в imagemagick

ImageMagick is a free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, the magnified size calculations in ReadOneMNGIMage in the coders/png.c file were unsafe and could lead to overflow, resulting in memory corruption. This issue...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-016803)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016803 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, in the WriteSVGImage function, using an int...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-016787)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016787 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular referenc...

Astra Linux - уязвимость в imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a logic error in the YUV sampling factor validation allowed an invalid sampling factor to bypass checks and trigger a division-by-zero during image loading,...

Astra Linux - уязвимость в imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, using the magick stream command in ImageMagick, specifying multiple consecutive %d format specifiers in a filename template caused a memory leak. Versions...

Astra Linux - уязвимость в imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-13 and 6.9.13-38, a heap buffer overflow vulnerability in the XBM image decoder ReadXBMImage allows an attacker to write controlled data past the allocated heap buffer when...

Astra Linux - уязвимость в imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a stack buffer overflow occurs when processing the an attribute in msl.c. A long value overflows a fixed-size stack buffer, leading to memory corruption. Versio...

PT-2026-39747

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-21 ImageMagick versions prior to 6.9.13-46 Description An overflow can be triggered when a user opens a malicious MIFF file in the display tool and right-clicks a tile to invoke the Load / Update menu item...

Medium: ImageMagick

Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image. This issue ha...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-015470)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-015470 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-015462)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-015462 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, the magnified size calculatio...

EUVD-2026-22132

ImageMagick has an off-by-one error in MSL decoder could result in crash...

EUVD-2026-22113

ImageMagick has a heap buffer overflow WRITE in the YAML and JSON encoders...

Linux Distros Unpatched Vulnerability : CVE-2026-33901

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a heap buffer...

CVE-2026-40312

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, an off by one error in the MSL decoder could result in a crash when a malicous MSL file is read. This issue has been fixed in version 7.1.2-19...

UBUNTU-CVE-2026-34238

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, an integer overflow in the despeckle operation causes a heap buffer overflow on 32-bit builds that will result in an out of bounds write. This issue has be...

CVE-2026-40312

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, an off by one error in the MSL decoder could result in a crash when a malicous MSL file is read. This issue has been fixed in version 7.1.2-19...

CVE-2026-40312

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, an off by one error in the MSL decoder could result in a crash when a malicous MSL file is read. This issue has been fixed in version 7.1.2-19...