Lucene search
K

363 matches found

Cvelist
Cvelist
added 3 days ago38 views

CVE-2026-61870 ImageMagick before 7.1.2-26 Memory Leak via VIFF Encoder

ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the VIFF encoder when memory allocation fails. Attackers can trigger allocation failures by processing specially crafted VIFF images to exhaust available memory and cause denial of service...

2.9CVSS0.00104EPSS
Exploits0References2
Debian CVE
Debian CVE
added 3 days ago7 views

CVE-2026-56372

ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers to read out of bounds memory. An unrecognized magnify:method value triggers an out of bounds read, potentially exposing sensitive information or causing denial of service...

4.8CVSS6.2AI score0.00116EPSS
Exploits0
Debian CVE
Debian CVE
added 4 days ago4 views

CVE-2026-56373

ImageMagick before 7.1.2-15 contains a use-after-free vulnerability in the PDB decoder that uses a stale pointer when memory allocation fails. Attackers can trigger this vulnerability by processing malicious PDB files to cause crashes or write a single zero byte to freed memory...

6.3CVSS6.1AI score0.00221EPSS
Exploits0
Debian CVE
Debian CVE
added 4 days ago5 views

CVE-2026-56366

ImageMagick before 7.1.2-18 contains a memory leak vulnerability in the META reader when processing APP1JPEG input paths. Attackers can trigger this memory leak by providing specially crafted APP1JPEG image files, causing denial of service through resource exhaustion...

6.5CVSS6.1AI score0.00103EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/07/03 3:2 a.m.5 views

SUSE CVE-2026-55628

In versions prior to 7.1.2-26he, the -concatenate operation is missing policy checks, potentially resulting in both reading and writing to paths disallowed by the security policy. This issue has been fixed in version 7.1.2-26...

5.5CVSS5.9AI score0.00098EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/07/03 3:2 a.m.5 views

SUSE CVE-2026-56361

ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single pixel memory access violations...

3.3CVSS6.1AI score0.00128EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 7:16 p.m.8 views

CVE-2026-55597

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-26, an incorrect handling of arguments can cause a heap buffer over-write in the JP2 encoder. This issue has been fixed in version7.1.2-26...

5.5CVSS0.00103EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 7:16 p.m.4 views

UBUNTU-CVE-2026-53467

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, the MNG decoder contains a possible heap information disclosure vulnerability because part of the pixels are left unchanged. This issue has been fixed in versio...

5.3CVSS5.8AI score0.00197EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/07/01 6:16 p.m.5 views

CVE-2026-55628

In versions prior to 7.1.2-26he, the -concatenate operation is missing policy checks, potentially resulting in both reading and writing to paths disallowed by the security policy. This issue has been fixed in version 7.1.2-26...

5.5CVSS5.7AI score0.00098EPSS
Exploits0
EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40445

ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single pixel memory access violations...

4.8CVSS6AI score0.00128EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 11:17 p.m.2 views

DEBIAN-CVE-2026-56363

ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of service. An attacker can supply a large binomial kernel value causing integer overflow, resulting in division by zero and application crash...

4.8CVSS5.8AI score0.00111EPSS
Exploits0References1
CVE
CVE
added 2026/06/29 1:36 p.m.18 views

CVE-2026-57338

CVE-2026-57338 concerns the WordPress ARForms plugin, specifically versions <= 7.1.2, which are affected by an unauthenticated cross-site scripting (XSS) vulnerability. Multiple connected sources consistently describe this as an XSS flaw in ARForms

7.1CVSS5.8AI score0.00146EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 5:51 p.m.11 views

EUVD-2026-36190

ImageMagick has Null Pointer Dereference caused by the distort operation when passing incorrect arguments...

4.3CVSS5.8AI score0.00187EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 4:21 p.m.13 views

EUVD-2026-36189

ImageMagick has a Use-After-Free when allocation in CheckPrimitiveExtent fails...

5.9CVSS5.8AI score0.00227EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 9:53 p.m.10 views

EUVD-2026-36185

ImageMagick: Policy Bypass can read disallowed files via symlink...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 9:50 p.m.11 views

EUVD-2026-36183

ImageMagick has a Heap Buffer Over-Write in MAT decoder on 32-bit systems...

5.9CVSS5.8AI score0.00227EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 9:49 p.m.12 views

EUVD-2026-36182

ImageMagick Vulnerable to Stack Overflow in its MVG Decoder...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, there was a stack buffer overflow issue in ImageMagick’s morphology kernel parsing functions. User-controlled kernel strings that exceeded the buffer size were...

7.1CVSS7.3AI score0.00108EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, there was a heap buffer over-read vulnerability when processing images with small dimensions using the -wavelet-denoise operator. Versions 7.1.2-15 and 6.9.13-4...

7.1CVSS7.2AI score0.00137EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-13 and 6.9.13-38, there was a heap buffer overflow vulnerability in the XBM image decoder ReadXBMImage. This vulnerability allowed attackers to write controlled data beyond the...

9.8CVSS5.6AI score0.00609EPSS
Exploits1References3
Rows per page
Query Builder