Vulnerabilities > Imagemagick > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-11-19 CVE-2023-5341 Use After Free vulnerability in multiple products
A heap use-after-free flaw was found in coders/bmp.c in ImageMagick.
local
low complexity
imagemagick fedoraproject CWE-416
5.5
2023-10-04 CVE-2023-3428 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick.
local
low complexity
imagemagick fedoraproject CWE-787
5.5
2023-07-24 CVE-2023-3745 Out-of-bounds Write vulnerability in Imagemagick
A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel() function in quantum-private.h.
local
low complexity
imagemagick CWE-787
5.5
2023-06-16 CVE-2023-34474 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c.
local
low complexity
imagemagick fedoraproject CWE-787
5.5
2023-06-16 CVE-2023-34475 Use After Free vulnerability in multiple products
A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c.
local
low complexity
imagemagick fedoraproject CWE-416
5.5
2023-06-16 CVE-2023-3195 Out-of-bounds Write vulnerability in multiple products
A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c.
local
low complexity
imagemagick fedoraproject CWE-787
5.5
2023-06-06 CVE-2023-2157 Out-of-bounds Write vulnerability in Imagemagick
A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the application crashing.
local
low complexity
imagemagick CWE-787
5.5
2023-05-30 CVE-2023-34151 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in ImageMagick.
5.5
2023-04-12 CVE-2023-1906 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c.
local
low complexity
imagemagick fedoraproject CWE-787
5.5
2023-03-23 CVE-2023-1289 Improper Input Validation vulnerability in multiple products
A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault.
local
low complexity
imagemagick fedoraproject redhat CWE-20
5.5