Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Write

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Write

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Write

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Write

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

Out-of-bounds Write

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

Out-of-bounds Write

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

ImageMagick BlobStream Forward-Seek Under-Allocation

Reporter: Lumina Mescuwa Product: ImageMagick 7 MagickCore Component: MagickCore/blob.c Blob I/O - BlobStream Tested: 7.1.2-0 source tag and 7.1.2-1 Homebrew, macOS arm64, clang-17, Q16-HDRI Impact: Heap out-of-bounds WRITE attacker-controlled bytes at attacker-chosen offset → memory corruption;...

GHSA-23HG-53Q6-HQFG ImageMagick BlobStream Forward-Seek Under-Allocation

Reporter: Lumina Mescuwa Product: ImageMagick 7 MagickCore Component: MagickCore/blob.c Blob I/O - BlobStream Tested: 7.1.2-0 source tag and 7.1.2-1 Homebrew, macOS arm64, clang-17, Q16-HDRI Impact: Heap out-of-bounds WRITE attacker-controlled bytes at attacker-chosen offset → memory corruption;...

ImageMagick 缓冲区错误漏洞

ImageMagick is a suite of open source image processing software from ImageMagick Open Source. It can read, convert, or write images in a variety of formats. A buffer error vulnerability exists in versions of ImageMagick prior to 14.8.2, which stems from insecure SeekBlob and WriteBlob functions...

PT-2025-36333

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 14.8.2 Description ImageMagick is free and open-source software used for editing and manipulating digital images. The software includes insecure functions: SeekBlob, which allows advancing the stream offset beyond...

SUSE CVE-2017-9142

In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c...

SUSE CVE-2017-11524

The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service assertion failure and application exit via a crafted file...

Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2020-1806)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OSV-2020-1375 Use-of-uninitialized-value in WriteBlob

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12473 Crash type: Use-of-uninitialized-value Crash state: WriteBlob WriteEPTImage WriteImage...

CVE-2018-16749

In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service WriteBlob assertion failure and application exit via a crafted file...

imagemagick/encoder_ept3_fuzzer: Use-of-uninitialized-value in WriteBlob

Detailed report: https://oss-fuzz.com/testcase?key=5085775568306176 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderept3fuzzer Fuzz target binary: encoderept3fuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...

CVE-2018-16749

CVE-2018-16749: In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage (coders/png.c) allows a crafted file to trigger a denial of service (WriteBlob assertion failure and app exit). Affected versions are before the fixed release. Remediation: update ImageMagick to a version...

graphicsmagick/coder_MAT_fuzzer: Use-of-uninitialized-value in WriteBlob

Project: http://hg.code.sf.net/p/graphicsmagick/code Detailed report: https://oss-fuzz.com/testcase?key=4847485762666496 Project: graphicsmagick Fuzzer: libFuzzergraphicsmagickcoderMATfuzzer Fuzz target binary: coderMATfuzzer Job Type: libfuzzermsangraphicsmagick Platform Id: linux Crash Type:...