Vulnerabilities > Imagemagick > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-30 | CVE-2023-34152 | OS Command Injection vulnerability in multiple products A vulnerability was found in ImageMagick. | 9.8 |
2019-12-24 | CVE-2019-19952 | Use After Free vulnerability in Imagemagick In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage. | 9.8 |
2019-12-24 | CVE-2019-19949 | Out-of-bounds Read vulnerability in multiple products In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare. | 9.1 |
2019-12-24 | CVE-2019-19948 | Out-of-bounds Write vulnerability in multiple products In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c. | 9.8 |
2018-09-01 | CVE-2018-16329 | NULL Pointer Dereference vulnerability in Imagemagick In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c. | 9.8 |
2018-09-01 | CVE-2018-16328 | NULL Pointer Dereference vulnerability in Imagemagick In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c. | 9.8 |
2018-07-23 | CVE-2018-14551 | Use of Uninitialized Resource vulnerability in multiple products The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption. | 9.8 |
2018-03-01 | CVE-2017-18211 | NULL Pointer Dereference vulnerability in multiple products In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel. | 9.8 |
2018-03-01 | CVE-2017-18210 | NULL Pointer Dereference vulnerability in Imagemagick In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked. | 9.8 |
2017-12-11 | CVE-2017-17499 | Use After Free vulnerability in multiple products ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp. | 9.8 |