Imagemagick

Imagemagick

659 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2023-3745

Exploit
  • EPSS 0.02%
  • Veröffentlicht 24.07.2023 16:15:13
  • Zuletzt bearbeitet 21.11.2024 08:17:58

A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel() function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file, triggering an out-of-bounds read error and all...

5.5

CVE-2023-34474

  • EPSS 0.03%
  • Veröffentlicht 16.06.2023 20:15:09
  • Zuletzt bearbeitet 21.11.2024 08:07:20

A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker could trick the user in opening specially crafted file, triggering an out-of-bounds read error, allowing an application...

5.5

CVE-2023-34475

  • EPSS 0.02%
  • Veröffentlicht 16.06.2023 20:15:09
  • Zuletzt bearbeitet 21.11.2024 08:07:20

A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could trick user to open a specially crafted file to convert, triggering an heap-use-after-free write error, allowing an appli...

5.5

CVE-2023-3195

Exploit
  • EPSS 0.02%
  • Veröffentlicht 16.06.2023 20:15:09
  • Zuletzt bearbeitet 21.11.2024 08:16:40

A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of service.

5.5

CVE-2023-2157

  • EPSS 0.02%
  • Veröffentlicht 06.06.2023 20:15:12
  • Zuletzt bearbeitet 07.01.2025 22:15:29

A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the application crashing.

5.5

CVE-2023-34151

Exploit
  • EPSS 0.06%
  • Veröffentlicht 30.05.2023 22:15:11
  • Zuletzt bearbeitet 02.12.2024 14:34:36

A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546).

9.8

CVE-2023-34152

Exploit
  • EPSS 68.92%
  • Veröffentlicht 30.05.2023 22:15:11
  • Zuletzt bearbeitet 13.01.2025 19:15:10

A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured.

7.8

CVE-2023-34153

Exploit
  • EPSS 0.68%
  • Veröffentlicht 30.05.2023 22:15:11
  • Zuletzt bearbeitet 10.01.2025 21:15:12

A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding.

5.5

CVE-2023-1906

Exploit
  • EPSS 0.03%
  • Veröffentlicht 12.04.2023 22:15:11
  • Zuletzt bearbeitet 10.02.2025 17:15:15

A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an app...

5.5

CVE-2023-1289

Exploit
  • EPSS 0.13%
  • Veröffentlicht 23.03.2023 20:15:14
  • Zuletzt bearbeitet 21.11.2024 07:38:50

A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many...