Imagemagick : Security Vulnerabilities, CVEs, CVSS score between 5 and 5.99
CVE-2016-3715
Known exploited
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
Max CVSS
5.8
EPSS Score
97.13%
Published
2016-05-05
Updated
2023-02-12
CISA KEV Added
2021-11-03
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF.
Max CVSS
5.5
EPSS Score
1.12%
Published
2012-06-05
Updated
2020-07-31
Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0248.
Max CVSS
5.5
EPSS Score
0.76%
Published
2012-06-05
Updated
2023-02-13
PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
Max CVSS
5.5
EPSS Score
0.32%
Published
2017-04-11
Updated
2017-04-17
DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
Max CVSS
5.5
EPSS Score
0.32%
Published
2017-04-11
Updated
2017-04-17
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file.
Max CVSS
5.5
EPSS Score
0.35%
Published
2017-03-30
Updated
2017-04-04
ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file.
Max CVSS
5.5
EPSS Score
0.35%
Published
2017-03-30
Updated
2017-04-04
The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors.
Max CVSS
5.5
EPSS Score
0.45%
Published
2017-03-30
Updated
2017-04-04
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image.
Max CVSS
5.5
EPSS Score
0.45%
Published
2017-03-30
Updated
2017-04-04
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image.
Max CVSS
5.5
EPSS Score
0.40%
Published
2017-03-30
Updated
2017-04-04
The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file.
Max CVSS
5.5
EPSS Score
0.40%
Published
2017-03-30
Updated
2017-04-04
The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file.
Max CVSS
5.5
EPSS Score
1.08%
Published
2017-03-30
Updated
2017-04-04
ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file.
Max CVSS
5.5
EPSS Score
0.24%
Published
2017-03-30
Updated
2017-04-04
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file.
Max CVSS
5.5
EPSS Score
1.08%
Published
2017-03-30
Updated
2017-04-04
ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file.
Max CVSS
5.5
EPSS Score
0.24%
Published
2017-03-30
Updated
2017-04-04
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file.
Max CVSS
5.5
EPSS Score
0.40%
Published
2017-03-30
Updated
2017-04-04
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file.
Max CVSS
5.5
EPSS Score
0.40%
Published
2017-03-30
Updated
2017-04-04
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file.
Max CVSS
5.5
EPSS Score
0.40%
Published
2017-03-30
Updated
2017-04-04
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file.
Max CVSS
5.5
EPSS Score
0.17%
Published
2017-03-22
Updated
2017-03-24
magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash).
Max CVSS
5.5
EPSS Score
0.17%
Published
2017-03-22
Updated
2017-03-24
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file.
Max CVSS
5.5
EPSS Score
0.17%
Published
2017-03-22
Updated
2017-03-24
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
Max CVSS
5.5
EPSS Score
0.76%
Published
2017-03-20
Updated
2018-10-30
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.
Max CVSS
5.5
EPSS Score
1.12%
Published
2017-03-20
Updated
2018-10-30
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.
Max CVSS
5.5
EPSS Score
0.98%
Published
2017-03-17
Updated
2018-10-30
Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM profile.
Max CVSS
5.5
EPSS Score
0.12%
Published
2017-03-23
Updated
2017-03-24