Exploit Intelligence Platform

CVE-2026-27798 WRITEUP MEDIUM WRITEUP

ImageMagick <7.1.2-15/6.9.13-40 - Buffer Overflow

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability occurs when processing an image with small dimension using the `-wavelet-denoise` operator. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

CVSS 4.0

View Code

CVE-2026-24484 WRITEUP MEDIUM WRITEUP

ImageMagick <7.1.2-15/6.9.13-40 - DoS

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails to check for multi-layer nested mvg conversions to svg, leading to DoS. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

CVSS 5.3

View Code

CVE-2026-24485 WRITEUP HIGH WRITEUP

ImageMagick <7.1.2-15/6.9.13-40 - DoS

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, when a PCD file does not contain a valid Sync marker, the DecodeImage() function becomes trapped in an infinite loop while searching for the Sync marker, causing the program to become unresponsive and continuously consume CPU resources, ultimately leading to system resource exhaustion and denial of service. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

CVSS 7.5

View Code

CVE-2016-5689 WRITEUP CRITICAL WRITEUP

ImageMagick <6.9.4.5, <7.0.1.7 - Info Disclosure

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.

CVSS 9.8

View Code

CVE-2016-5690 WRITEUP CRITICAL WRITEUP

ImageMagick <6.9.4.5, <7.0.1.7 - RCE

The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.

CVSS 9.8

View Code

CVE-2016-5691 WRITEUP CRITICAL WRITEUP

ImageMagick <6.9.4.5 & <7.0.1.7 - Info Disclosure

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue.

CVSS 9.8

View Code

CVE-2016-7513 WRITEUP MEDIUM WRITEUP

Imagemagick < 6.9.4-0 - Numeric Error

Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors.

CVSS 6.5

View Code

CVE-2016-7520 WRITEUP MEDIUM WRITEUP

Imagemagick < 6.9.4-0 - Out-of-Bounds Read

Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted HDR file.

CVSS 6.5

View Code

CVE-2016-7524 WRITEUP MEDIUM WRITEUP

Imagemagick < 6.9.4-0 - Out-of-Bounds Read

coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.

CVSS 6.5

View Code

CVE-2016-7527 WRITEUP MEDIUM WRITEUP

Imagemagick < 6.9.4-0 - Out-of-Bounds Read

coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.

CVSS 6.5

View Code

CVE-2016-7528 WRITEUP MEDIUM WRITEUP

Imagemagick < 6.9.4-0 - Out-of-Bounds Read

The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file.

CVSS 6.5

View Code

CVE-2016-7529 WRITEUP MEDIUM WRITEUP

Imagemagick < 6.9.4-0 - Out-of-Bounds Read

coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file.

CVSS 6.5

View Code

CVE-2016-7530 WRITEUP MEDIUM WRITEUP

Imagemagick < 6.9.4-0 - Divide By Zero

The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file.

CVSS 6.5

View Code

CVE-2016-7533 WRITEUP MEDIUM WRITEUP

Imagemagick < 6.9.4-0 - Out-of-Bounds Read

The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG file.

CVSS 6.5

View Code

CVE-2016-7534 WRITEUP MEDIUM WRITEUP

Imagemagick < 6.9.4-0 - Out-of-Bounds Read

The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file.

CVSS 6.5

View Code

CVE-2016-7537 WRITEUP MEDIUM WRITEUP

Imagemagick < 6.9.4-7 - Out-of-Bounds Read

MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.

CVSS 6.5

View Code

CVE-2016-7538 WRITEUP MEDIUM WRITEUP

Imagemagick - Out-of-Bounds Write

coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.

CVSS 6.5

View Code

CVE-2016-7539 WRITEUP HIGH WRITEUP

Imagemagick < 6.9.9-3 - Resource Management Error

Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

CVSS 7.5

View Code

CVE-2016-7799 WRITEUP MEDIUM WRITEUP

Imagemagick < 6.9.6-0 - Out-of-Bounds Read

MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.

CVSS 6.5

View Code

CVE-2016-7906 WRITEUP MEDIUM WRITEUP

Imagemagick - Use After Free

magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file.

CVSS 5.5

View Code

CVE-2016-8677 WRITEUP HIGH WRITEUP

ImageMagick <7.0.3-1 - Memory Corruption

The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure.

CVSS 8.8

View Code

CVE-2016-9298 WRITEUP MEDIUM WRITEUP

ImageMagick <6.9.6-4, <7.0.3-6 - Buffer Overflow

Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted image.

CVSS 5.5

View Code

CVE-2016-9556 WRITEUP MEDIUM WRITEUP

Imagemagick - Memory Corruption

The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file.

CVSS 5.5

View Code

CVE-2016-9559 WRITEUP MEDIUM WRITEUP

Imagemagick < 6.9.6-5 - NULL Pointer Dereference

coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.

CVSS 6.5

View Code

CVE-2017-11448 WRITEUP MEDIUM WRITEUP

Imagemagick < 6.9.9-0 - Information Disclosure

The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.

CVSS 6.5

View Code

Cristy