Vulnerabilities > Imagemagick > High

DATE CVE VULNERABILITY TITLE RISK
2024-07-29 CVE-2024-41817 Uncontrolled Search Path Element vulnerability in Imagemagick
ImageMagick is a free and open-source software suite, used for editing and manipulating digital images.
local
low complexity
imagemagick CWE-427
7.8
2023-08-22 CVE-2021-40211 Divide By Zero vulnerability in Imagemagick 7.1.04
An issue was discovered with ImageMagick 7.1.0-4 via Division by zero in function ReadEnhMetaFile of coders/emf.c.
network
low complexity
imagemagick CWE-369
7.5
2023-08-22 CVE-2022-48541 Memory Leak vulnerability in multiple products
A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of service via the "identify -help" command.
network
low complexity
imagemagick fedoraproject CWE-401
7.1
2023-05-30 CVE-2023-34153 Command Injection vulnerability in multiple products
A vulnerability was found in ImageMagick.
local
low complexity
imagemagick fedoraproject redhat CWE-77
7.8
2022-08-29 CVE-2022-0284 Out-of-bounds Read vulnerability in Imagemagick
A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-accessor.h'.
local
low complexity
imagemagick CWE-125
7.1
2022-06-16 CVE-2022-32545 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed.
local
low complexity
imagemagick redhat fedoraproject CWE-190
7.8
2022-06-16 CVE-2022-32546 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed.
local
low complexity
imagemagick redhat fedoraproject CWE-190
7.8
2022-06-16 CVE-2022-32547 Incorrect Type Conversion or Cast vulnerability in multiple products
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c.
local
low complexity
imagemagick redhat fedoraproject CWE-704
7.8
2022-05-08 CVE-2022-28463 Classic Buffer Overflow vulnerability in multiple products
ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.
local
low complexity
imagemagick debian CWE-120
7.8
2022-04-29 CVE-2022-1114 Use After Free vulnerability in Imagemagick
A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo() function of dcm.c file.
local
low complexity
imagemagick CWE-416
7.1