Cristy

175 exploits Active since Dec 2016
CVE-2022-32545 WRITEUP HIGH WRITEUP
Imagemagick < 6.9.12-43 - Integer Overflow
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.
CVSS 7.8
CVE-2022-32546 WRITEUP HIGH WRITEUP
Imagemagick < 6.9.12-44 - Integer Overflow
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.
CVSS 7.8
CVE-2022-32547 WRITEUP HIGH WRITEUP
ImageMagick - Memory Corruption
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.
CVSS 7.8
CVE-2022-3213 WRITEUP MEDIUM WRITEUP
ImageMagick - Buffer Overflow
A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service.
CVSS 5.5
CVE-2022-3213 WRITEUP MEDIUM WRITEUP
ImageMagick - Buffer Overflow
A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service.
CVSS 5.5
CVE-2023-1289 WRITEUP MEDIUM WRITEUP
Imagemagick < 7.1.1-0 - Improper Input Validation
A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of service. When ImageMagick crashes, it generates a lot of trash files. These trash files can be large if the SVG file contains many render actions. In a denial of service attack, if a remote attacker uploads an SVG file of size t, ImageMagick generates files of size 103*t. If an attacker uploads a 100M SVG, the server will generate about 10G.
CVSS 5.5
CVE-2023-1906 WRITEUP MEDIUM WRITEUP
ImageMagick - Buffer Overflow
A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service.
CVSS 5.5
CVE-2023-1906 WRITEUP MEDIUM WRITEUP
ImageMagick - Buffer Overflow
A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service.
CVSS 5.5
CVE-2023-3195 WRITEUP MEDIUM WRITEUP
ImageMagick - Buffer Overflow
A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of service.
CVSS 5.5
CVE-2023-3195 WRITEUP MEDIUM WRITEUP
ImageMagick - Buffer Overflow
A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of service.
CVSS 5.5
CVE-2023-34474 WRITEUP MEDIUM WRITEUP
Imagemagick < 7.1.1-10 - Out-of-Bounds Write
A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker could trick the user in opening specially crafted file, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service.
CVSS 5.5
CVE-2023-34475 WRITEUP MEDIUM WRITEUP
Imagemagick < 7.1.1-10 - Use After Free
A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could trick user to open a specially crafted file to convert, triggering an heap-use-after-free write error, allowing an application to crash, resulting in a denial of service.
CVSS 5.5
CVE-2023-3745 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9-11-0 - Out-of-Bounds Write
A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel() function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file, triggering an out-of-bounds read error and allowing an application to crash, resulting in a denial of service.
CVSS 5.5
CVE-2023-3745 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9-11-0 - Out-of-Bounds Write
A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel() function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file, triggering an out-of-bounds read error and allowing an application to crash, resulting in a denial of service.
CVSS 5.5
CVE-2023-5341 WRITEUP MEDIUM WRITEUP
Imagemagick < 7.1.2 - Use After Free
A heap use-after-free flaw was found in coders/bmp.c in ImageMagick.
CVSS 6.2
CVE-2025-46393 WRITEUP LOW WRITEUP
ImageMagick <7.1.1-44 - Buffer Overflow
In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packet_size is mishandled (related to the rendering of all channels in an arbitrary order).
CVSS 2.9
CVE-2025-53101 WRITEUP HIGH WRITEUP
ImageMagick <7.1.2-0, <6.9.13-26 - Buffer Overflow
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick mogrify` command, specifying multiple consecutive `%d` format specifiers in a filename template causes internal pointer arithmetic to generate an address below the beginning of the stack buffer, resulting in a stack overflow through `vsnprintf()`. Versions 7.1.2-0 and 6.9.13-26 fix the issue.
CVSS 7.4
CVE-2025-55212 WRITEUP LOW WRITEUP
ImageMagick <6.9.13-28, <7.1.2-2 - DoS
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2, passing a geometry string containing only a colon (":") to montage -geometry leads GetGeometry() to set width/height to 0. Later, ThumbnailImage() divides by these zero dimensions, triggering a crash (SIGFPE/abort), resulting in a denial of service. This issue has been patched in versions 6.9.13-28 and 7.1.2-2.
CVSS 3.7
CVE-2025-55298 WRITEUP HIGH WRITEUP
ImageMagick <6.9.13-28 & <7.1.2 - RCE
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper sanitization. An attacker can overwrite arbitrary memory regions, enabling a wide range of attacks from heap overflow to remote code execution. This issue has been patched in versions 6.9.13-28 and 7.1.2-2.
CVSS 7.5
CVE-2025-57803 WRITEUP HIGH WRITEUP
Imagemagick < 6.9.13-28 - Integer Overflow
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytes_per_line (stride) to a tiny value while the per-row writer still emits 3 × width bytes for 24-bpp images. The row base pointer advances using the (overflowed) stride, so the first row immediately writes past its slot and into adjacent heap memory with attacker-controlled bytes. This is a classic, powerful primitive for heap corruption in common auto-convert pipelines. This issue has been patched in versions 6.9.13-28 and 7.1.2-2.
CVSS 7.5
CVE-2025-57807 WRITEUP LOW WRITEUP
Imagemagick < 6.9.13-29 - Out-of-Bounds Write
ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include insecure functions: SeekBlob(), which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBlob(), which then expands by quantum + length (amortized) instead of offset + length, and copies to data + offset. When offset ≫ extent, the copy targets memory beyond the allocation, producing a deterministic heap write on 64-bit builds. No 2⁶⁴ arithmetic wrap, external delegates, or policy settings are required. This is fixed in version 14.8.2.
CVSS 3.8
CVE-2025-62594 WRITEUP MEDIUM WRITEUP
Imagemagick < 7.1.2-8 - Divide By Zero
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service due to unsigned integer underflow and division-by-zero in the CLAHEImage function. When tile width or height is zero, unsigned underflow occurs in pointer arithmetic, leading to out-of-bounds memory access, and division-by-zero causes immediate crashes. This issue has been patched in version 7.1.2-8.
CVSS 4.7
CVE-2025-68618 WRITEUP MEDIUM WRITEUP
ImageMagick <7.1.2-12 - DoS
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, using Magick to read a malicious SVG file resulted in a DoS attack. Version 7.1.2-12 fixes the issue.
CVSS 5.3
CVE-2025-68950 WRITEUP MEDIUM WRITEUP
ImageMagick <7.1.2-12 - DoS
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file will be affected. Version 7.1.2-12 fixes the issue.
CVSS 4.0
CVE-2025-69204 WRITEUP MEDIUM WRITEUP
Imagemagick < 7.1.2-12 - Integer Overflow
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, in the WriteSVGImage function, using an int variable to store number_attributes caused an integer overflow. This, in turn, triggered a buffer overflow and caused a DoS attack. Version 7.1.2-12 fixes the issue.
CVSS 5.3