363 matches found
CVE-2026-61870 ImageMagick before 7.1.2-26 Memory Leak via VIFF Encoder
ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the VIFF encoder when memory allocation fails. Attackers can trigger allocation failures by processing specially crafted VIFF images to exhaust available memory and cause denial of service...
CVE-2026-56372
ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers to read out of bounds memory. An unrecognized magnify:method value triggers an out of bounds read, potentially exposing sensitive information or causing denial of service...
CVE-2026-56373
ImageMagick before 7.1.2-15 contains a use-after-free vulnerability in the PDB decoder that uses a stale pointer when memory allocation fails. Attackers can trigger this vulnerability by processing malicious PDB files to cause crashes or write a single zero byte to freed memory...
CVE-2026-56366
ImageMagick before 7.1.2-18 contains a memory leak vulnerability in the META reader when processing APP1JPEG input paths. Attackers can trigger this memory leak by providing specially crafted APP1JPEG image files, causing denial of service through resource exhaustion...
SUSE CVE-2026-55628
In versions prior to 7.1.2-26he, the -concatenate operation is missing policy checks, potentially resulting in both reading and writing to paths disallowed by the security policy. This issue has been fixed in version 7.1.2-26...
SUSE CVE-2026-56361
ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single pixel memory access violations...
CVE-2026-55597
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-26, an incorrect handling of arguments can cause a heap buffer over-write in the JP2 encoder. This issue has been fixed in version7.1.2-26...
UBUNTU-CVE-2026-53467
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, the MNG decoder contains a possible heap information disclosure vulnerability because part of the pixels are left unchanged. This issue has been fixed in versio...
CVE-2026-55628
In versions prior to 7.1.2-26he, the -concatenate operation is missing policy checks, potentially resulting in both reading and writing to paths disallowed by the security policy. This issue has been fixed in version 7.1.2-26...
EUVD-2026-40445
ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single pixel memory access violations...
DEBIAN-CVE-2026-56363
ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of service. An attacker can supply a large binomial kernel value causing integer overflow, resulting in division by zero and application crash...
CVE-2026-57338
CVE-2026-57338 concerns the WordPress ARForms plugin, specifically versions <= 7.1.2, which are affected by an unauthenticated cross-site scripting (XSS) vulnerability. Multiple connected sources consistently describe this as an XSS flaw in ARForms
EUVD-2026-36190
ImageMagick has Null Pointer Dereference caused by the distort operation when passing incorrect arguments...
EUVD-2026-36189
ImageMagick has a Use-After-Free when allocation in CheckPrimitiveExtent fails...
EUVD-2026-36185
ImageMagick: Policy Bypass can read disallowed files via symlink...
EUVD-2026-36183
ImageMagick has a Heap Buffer Over-Write in MAT decoder on 32-bit systems...
EUVD-2026-36182
ImageMagick Vulnerable to Stack Overflow in its MVG Decoder...
Astra Linux – Vulnerability in imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, there was a stack buffer overflow issue in ImageMagick’s morphology kernel parsing functions. User-controlled kernel strings that exceeded the buffer size were...
Astra Linux – Vulnerability in imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, there was a heap buffer over-read vulnerability when processing images with small dimensions using the -wavelet-denoise operator. Versions 7.1.2-15 and 6.9.13-4...
Astra Linux – Vulnerability in imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-13 and 6.9.13-38, there was a heap buffer overflow vulnerability in the XBM image decoder ReadXBMImage. This vulnerability allowed attackers to write controlled data beyond the...