Vulnerabilities > Imagemagick > High

DATE CVE VULNERABILITY TITLE RISK
2024-07-29 CVE-2024-41817 Uncontrolled Search Path Element vulnerability in Imagemagick
ImageMagick is a free and open-source software suite, used for editing and manipulating digital images.
local
low complexity
imagemagick CWE-427
7.8
7.8
2023-08-22 CVE-2021-40211 Divide By Zero vulnerability in Imagemagick 7.1.04
An issue was discovered with ImageMagick 7.1.0-4 via Division by zero in function ReadEnhMetaFile of coders/emf.c.
network
low complexity
imagemagick CWE-369
7.5
7.5
2023-08-22 CVE-2022-48541 Memory Leak vulnerability in multiple products
A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of service via the "identify -help" command.
network
low complexity
imagemagick fedoraproject CWE-401
7.1
7.1
2023-05-30 CVE-2023-34153 Command Injection vulnerability in multiple products
A vulnerability was found in ImageMagick.
local
low complexity
imagemagick fedoraproject redhat CWE-77
7.8
7.8
2022-06-16 CVE-2022-32545 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed.
local
low complexity
imagemagick redhat fedoraproject CWE-190
7.8
7.8
2022-06-16 CVE-2022-32546 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed.
local
low complexity
imagemagick redhat fedoraproject CWE-190
7.8
7.8
2022-06-16 CVE-2022-32547 Incorrect Type Conversion or Cast vulnerability in multiple products
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c.
local
low complexity
imagemagick redhat fedoraproject CWE-704
7.8
7.8
2022-05-08 CVE-2022-28463 Classic Buffer Overflow vulnerability in multiple products
ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.
local
low complexity
imagemagick debian CWE-120
7.8
7.8
2022-02-24 CVE-2021-3610 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c.
network
low complexity
imagemagick fedoraproject redhat CWE-787
7.5
7.5
2021-05-11 CVE-2021-20309 A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick.
network
low complexity
imagemagick debian
7.5
7.5