Cristy

204 exploits Active since Dec 2016
CVE-2025-62594 WRITEUP MEDIUM WRITEUP
ImageMagick < 7.1.2-8 - Denial of Service via CLAHEImage Function
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service due to unsigned integer underflow and division-by-zero in the CLAHEImage function. When tile width or height is zero, unsigned underflow occurs in pointer arithmetic, leading to out-of-bounds memory access, and division-by-zero causes immediate crashes. This issue has been patched in version 7.1.2-8.
CVSS 4.7
CVE-2025-68618 WRITEUP MEDIUM WRITEUP
ImageMagick < 7.1.2-12 - Denial of Service via Malicious SVG File
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, using Magick to read a malicious SVG file resulted in a DoS attack. Version 7.1.2-12 fixes the issue.
CVSS 5.3
CVE-2025-68950 WRITEUP MEDIUM WRITEUP
ImageMagick < 7.1.2-12 - Denial of Service via Circular MVG Reference
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file will be affected. Version 7.1.2-12 fixes the issue.
CVSS 4.0
CVE-2025-69204 WRITEUP MEDIUM WRITEUP
ImageMagick < 7.1.2-12 - Denial of Service via Integer Overflow in WriteSVGImage
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, in the WriteSVGImage function, using an int variable to store number_attributes caused an integer overflow. This, in turn, triggered a buffer overflow and caused a DoS attack. Version 7.1.2-12 fixes the issue.
CVSS 5.3